projectunderstood.com Open in urlscan Pro
2606:4700:3031::6815:3e65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://projectunderstood.com/
Effective URL:
https://projectunderstood.com/
Submission Tags: falconsandbox
Submission: On December 30 via api (December 30th 2021, 4:36:56 am UTC) from US — Scanned from DE

Summary HTTP 254 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 30 domains to perform 254 HTTP transactions. The main IP is 2606:4700:3031::6815:3e65, located in United States and belongs to CLOUDFLARENET, US. The main domain is projectunderstood.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 28th 2021. Valid for: a year.

This is the only time projectunderstood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:303... 2606:4700:3031::6815:3e65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	188.166.135.13 188.166.135.13	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2600:9000:21f... 2600:9000:21f3:fa00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 2	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:47... 2a02:128:7:4715::2	50245 (SERVEREL-AS) (SERVEREL-AS)
16	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.48.8.1 52.48.8.1	16509 (AMAZON-02) (AMAZON-02)
1 4	54.171.159.234 54.171.159.234	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
5	2600:9000:21f... 2600:9000:21f3:8600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
24	35.84.213.94 35.84.213.94	16509 (AMAZON-02) (AMAZON-02)
15	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
254	38

13 2606:4700:3031::6815:3e65 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

net17.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1fb86913c3.7c4d60156c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.1vag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:fa00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:252:564d::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4715::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

btds.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal900023.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.8.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-8-1.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.159.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:8600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.84.213.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-213-94.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	296 KB
35	adsafeprotected.com 2 redirects fw.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	232 KB
28	2mdn.net s0.2mdn.net	3 MB
26	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	294 KB
20	ampproject.org cdn.ampproject.org	407 KB
18	adform.net track.adform.net s1.adform.net	211 KB
13	projectunderstood.com 1 redirects projectunderstood.com	150 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	186 KB
9	yandex.ru 3 redirects mc.yandex.ru	2 KB
8	google.com 1 redirects adservice.google.com www.google.com	2 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
6	googletagservices.com www.googletagservices.com	157 KB
6	zx-adnet.com cdn.zx-adnet.com	132 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900023.redintelligence.net	10 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	5 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
3	wpadmngr.com js.wpadmngr.com	29 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	rtbbnr.com 2 redirects rtbbnr.com	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	optad360.io get.optad360.io	550 KB
1	google.co.uk adservice.google.co.uk	792 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	1vag.com cdn.1vag.com	334 B
1	zog.link 1 redirects btds.zog.link	222 B
1	cabnnr.com js.cabnnr.com	10 KB
1	wpushsdk.com js.wpushsdk.com	5 KB
1	7c4d60156c.com 1fb86913c3.7c4d60156c.com	199 B
1	nawpush.com na.nawpush.com	556 B
1	net17.biz net17.biz	20 KB
254	30

	Domain	Requested by
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com projectunderstood.com googleads.g.doubleclick.net cdn.ampproject.org
28	s0.2mdn.net	projectunderstood.com s0.2mdn.net
24	dt.adsafeprotected.com	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net projectunderstood.com
15	s1.adform.net	track.adform.net s1.adform.net projectunderstood.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com ad.doubleclick.net www.googletagservices.com
13	projectunderstood.com	1 redirects projectunderstood.com
9	fonts.gstatic.com	fonts.googleapis.com
9	mc.yandex.ru	3 redirects projectunderstood.com
7	www.google.com	1 redirects tpc.googlesyndication.com ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com projectunderstood.com
6	fonts.googleapis.com	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6	www.googletagservices.com	cdn.zx-adnet.com ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com fw.adsafeprotected.com
6	cdn.zx-adnet.com	projectunderstood.com cdn.zx-adnet.com
5	static.adsafeprotected.com	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com pixel.adsafeprotected.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	pixel.adsafeprotected.com	1 redirects ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
4	hal900023.redintelligence.net	1 redirects ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com hal900023.redintelligence.net
4	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	track.adform.net	hal900023.redintelligence.net s1.adform.net
3	googleads.g.doubleclick.net	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com projectunderstood.com
3	www.gstatic.com	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
3	tags.mathtag.com	ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com tags.mathtag.com
3	js.wpadmngr.com	projectunderstood.com js.wpadmngr.com
2	googleads4.g.doubleclick.net	projectunderstood.com
2	ib.adnxs.com	2 redirects
2	fw.adsafeprotected.com	1 redirects ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
2	rtbbnr.com	2 redirects
2	counter.yadro.ru	1 redirects projectunderstood.com
2	get.optad360.io	projectunderstood.com get.optad360.io
1	ad.doubleclick.net	www.googletagservices.com
1	ajax.googleapis.com	hal900023.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	projectunderstood.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	cdn.1vag.com	js.cabnnr.com
1	btds.zog.link	1 redirects
1	js.cabnnr.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com
1	1fb86913c3.7c4d60156c.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	net17.biz	projectunderstood.com
254	45

This site contains links to these domains. Also see Links.

Domain
th.projectunderstood.com
id.projectunderstood.com
ja.projectunderstood.com
ko.projectunderstood.com
ar.projectunderstood.com
tr.projectunderstood.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-28` - `2022-09-27`	a year	crt.sh
micuenta.kioscodeseguros.com GTS CA 1D4	`2021-11-11` - `2022-02-09`	3 months	crt.sh
net17.biz R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
js.wpadmngr.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
na.nawpush.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
1fb86913c3.7c4d60156c.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
js.wpushsdk.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
js.cabnnr.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
cdn.1vag.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://projectunderstood.com/
Frame ID: D7B14FFF7522E641D385C99541C27B38
Requests: 54 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: A6E4348796ECA18DFB72241757D64C65
Requests: 1 HTTP requests in this frame

Frame: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5FD4EBF455E5DF99B05B63DA54EDF02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 231EF49975C5FB28335E725EEB5E934E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEB7129676DEEE8DDA1F0BE00349948F
Requests: 2 HTTP requests in this frame

Frame: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23BA470BBCE84368B2DCA60C3A00D399
Requests: 14 HTTP requests in this frame

Frame: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F276B277568E4507F5FAC2C7412B108
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1057DCBD36D638D3D6E87B3F659BCA3B
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: D4255957D6281FE9C38E4E9BDFD09875
Requests: 16 HTTP requests in this frame

Frame: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A8ED5135AD442FFB27AB896741D2F321
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhiG8qy9ATAB&v=APEucNVegZ8p2HVZnkswcv3K7CYgzLZIZYSV-KkwRZ3jm19QMQ7vvNPnewTMrCPzGfjA1b6kaMXv90t8zr2ZafPeWSJ4FqG1z7sT3wWmfuVd5B8ufeJtpiyR_Yy023BHGsOIGPFM_g4gMndeKRtDDqAqdzh7fKnJk3CgVYsl5NFwimdD-Usdr0qAyGjXGkJ2vMcBcRVqk_raFdE6c7QW2IoZMfFnAHnGRJArxGUixfFzKgWfk--1Z-tRZD0YuO1DbnK04k0rfnw2d2Vmk-ZzWzVyUJ-XxY1AesdhSUYckPts8nzcwRk_Jg3lMlBhtpNqDOUG9FD0_ypKrl5Hdfokr2vYHqvptc0AA9ZXvsZ747JaCujF7IChoxpt0D7GHmQXqN0HIOKVUyjcwYH1UiIgmS0R4wEFftQQcIzBPr-iygYl3AVHbKrZITn8RsD9Nwz3LeAB6DDgPZl2iuSoageHXn0idnvtFZn69cXkfl6hdeA5oDbkCE6KDxFy619GMZ2864ZerBhnnbGXPeESNGCVd9OzObIqJXQ_0sYnS0xmt5xz4ePQecV4YrxRWD4VJ6n2TfMoKXLIIDsdJbV2xlJvZwaAUXBuqG2GgMnw6To6BxXBW6ymXcLEGeBrylBjKHEh7t86c-_HIpmuYmNiN1rHXS3OMlipgEBDibRAXilwO9czw8LG928IC_aphObbKNghIFMbJr8en71H5-vcY36BCPcAFf_WUEZZxS9psQG7eXgV5BUQ8ivvRz4Dmzvk3umKJiJIftbGxSEJngjVDwEVRgNxHKYOlGUH-CGNq_PAhaF7aYPQCnQ42iN3cDxY78W3rLVqRK9sE_IFryTLBQConbyU9Q6QARRE77bpMc2AyG0Z9ABjKw_BINwNQtIh1jtmQ5gu2smafgZ8-915t9FE8Ng9d_HoiI6D54yeXzCWR7-lO_oOBm_WbqbvZOIs36AxMx54NqcR8_vIAHJ7un1owgzbGoU5_WWWPUyhfb91Q9FE6_cCzeahc8giTEYkFYGQq5z_STX4vNo2C3MELSz8L0QPZCJud9xozg
Frame ID: D657E10F3E3FBDF36E86E7168C429394
Requests: 5 HTTP requests in this frame

Frame: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b
Frame ID: CDF539704F8B5A1DDB7E99D86DCF6B7A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8260A7E07D381CCF2C119208A9DC9E17
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 791BDBF6FBB45C450E0828C23E3C1A63
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 9E689FF6380364E5B723BDF085E803A8
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 7B198681236C80EE28AE42D224D83DF0
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 607D7BAA23F933B378FA4C0DF74587CE
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: EAD21B1994231A07B5DB991788E181DD
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
Frame ID: A0D34079C2A33DF654D20CCC53FA6E1F
Requests: 27 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/10676334/10676334.js?ADFassetID=10676334&bv=516
Frame ID: A5B9AB18AB97F2EF19B276AF74BBA1BF
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 8D10B4A13D0E6653BC8FFA416D720A2B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 25F9FDD2B1BE01BE3516D09E2BC2DABF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arahan untuk menggunakan OS Windows

Page URL History Show full URLs

http://projectunderstood.com/ HTTP 301
https://projectunderstood.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

254
Requests

96 %
HTTPS

53 %
IPv6

30
Domains

45
Subdomains

38
IPs

8
Countries

5719 kB
Transfer

9833 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://th.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://id.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ja.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ko.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ar.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://tr.projectunderstood.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://projectunderstood.com/ HTTP 301
https://projectunderstood.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301

Request Chain 25

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsInRpdGxlIjoiIiwic3ViaWQiOiIxMzMzNDk2Mzc5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyODF9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwMjgxIiwicGFnZSI6Imh0dHBzOi8vcHJvamVjdHVuZGVyc3Rvb2QuY29tLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI3NWY2N2QwMjBhNmMyYzQ1NjFkMWNhNDY3MDM0NWIwYSJ9LCJleHQiOnsiZHQiOjE2NDA4MzkwMDkzNzJ9fQ== HTTP 302
https://rtbbnr.com/banner/in/show/?mid=1145552238&pid=0&site=10281&sc=GB&usage_type=DCH&subid=1333496379&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=projectunderstood.com&hostname=auc-banner-hz-10&site_id=0&spot_id=10281&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2a0f:9441:11:0:18a::1&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10281%26source%3D1333496379%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10281%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D%26spot_id%3D10281%26p%3Dhttps%253A%252F%252Fprojectunderstood.com%252F%26tds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C26%2C46%2C47%2C54%2C55%2C61 HTTP 302
https://btds.zog.link/in/912/?sid=10281&source=1333496379&idzone=0&w=1&h=1&mo=&ve=&site_id=10281&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=10281&p=https%3A%2F%2Fprojectunderstood.com%2F&tds_labels=4,5,6,7,8,9,26,46,47,54,55,61 HTTP 302
https://cdn.1vag.com/1x1.png

Request Chain 36

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.18986654803592273 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.18986654803592273

Request Chain 38

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.2974961165994294 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.2974961165994294

Request Chain 40

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.5043213227728451 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.5043213227728451

Request Chain 82

https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fprojectunderstood.com%2F&ancestorOrigins=https%3A%2F%2Fprojectunderstood.com&random=8613578762670&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fprojectunderstood.com%2F&ancestorOrigins=https%3A%2F%2Fprojectunderstood.com&random=8613578762670&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yc03YjmKekv0kOBO4lerowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 114

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyMjI1ODI4MTY1NDY5MzA3Mw%3D%3D

Request Chain 123

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/902386/59097919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:173b4baf-54c4-d7a2-b141-1c085c3aad7b,c:yfEuhG,sl:outOfView,em:true,fr:false,thd:1,mn:app11ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:1b378908-692a-11ec-866f-024bf4a6d028,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://pixel.adsafeprotected.com/rfw/st/653659/59025458/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:28599334-6963-d251-e015-0cd417415093,c:yfEupH,sl:na,em:true,fr:false,thd:1,mn:app13ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:197,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:209,oid:1b378963-692a-11ec-aa9b-062810ec67f6,v:19.8.273,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

254 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
projectunderstood.com/
Redirect Chain

http://projectunderstood.com/
https://projectunderstood.com/

32 KB
9 KB

50ms
32ms

Document
text/html

2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.13
Resource Hash: f005872aa18c6c8c2ddd3661b18fafdf7563ad1121ce4575cbb4bd14bea74c1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.13
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj%2BLYcAZKEglUxIc95QeXxgH%2BywkbVZruiVa2zDOyCZWzo3ZY6OQCf9l7UMyZ31SDqXFQeJm%2B%2FtYP2eCQMOeS0PwlEJnVwE5hn1fMd6Du0648g9PuxR8tM%2FFw79feMONQeqRg5O3WKQk7K3yq1AuvokamM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c5891be5e954e6d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 30 Dec 2021 04:36:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 30 Dec 2021 05:36:48 GMT
Location: https://projectunderstood.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul98psdHWm5r7omv98OCjw%2BhSgKEMdB8mYf1BBh4lP6mb8Hc9x36xjXnWJdDB4V1%2FIrzYJpwaxt02R0AVNfKdCV2edxGzEi7cWBN4KxsqkSnZ3%2F1gmjLaYEemciCSjR5zaWfijz1loIqHnsRp19YPPIDPH8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6c5891be2956c2ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 210ms
189ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03e3b76234e2e05ac7d5eb68ecb863f4bc4f28206a0d347ce1ac5bf9f2154216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 30 Dec 2021 04:36:16 GMT
x-timer: S1640839009.092879,VS0,VE183
etag: "3da7bdbf130cef546e62019fb1176182c7576039bcab024eb292c1ce968f38d0-br"
x-served-by: cache-fra19168-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 30 Dec 2021 04:36:49 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19679
x-cache-hits: 0

GET
H2 200 / Show response
net17.biz/ 20 KB
20 KB 54ms
16ms Script
application/javascript 188.166.135.13
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://net17.biz/?pu=hbsggmjrge5ha3ddf4ztkobw

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

03d5bdd9993410ae3e636c450ef15a72237bb0899c2b92ef379847a1dca2f5e2

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 04:36:49 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
598 B 33ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Dec 2021 05:36:49 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 wp-emoji-release.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 14 KB
5 KB 29ms
29ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-emoji-release.min.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"37a6-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH01prAdH25wQLTuWRjn1WxUKyA7OEKcev6OUi82ACtKBOGHnL2QpUP6uH5Ta%2FAlP4D5U4Psv%2B%2BhWjH7oZcYmcAzykZ1k7HD43GFby4ew4qtiIU75t41XCWDKC9NbBGrzdJNl7EvBEujJDfFbtu757KySXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bf0e8c5c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
projectunderstood.com/wp-content/themes/basic/css/ 59 KB
9 KB 36ms
34ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.min.css
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Oct 2020 15:57:00 GMT
server: cloudflare
etag: W/"ebfa-5b0b22ed60b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEPxN1dDn7jF%2BLVlkcGZIT9t9fPxsfTwv8MRBoAsRb2EeUpfZPEgwtmoQ6K8gBH0D8d8LBJGFmaK3%2FhFBFgutSgvkdiDZyKs8QHa%2Fh7uaERrm2LczTvGp2VT%2BbBBmqJuz2%2FvD2SLK6lGoK3vrRi9WVPg9Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebeeb4e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css.css
projectunderstood.com/wp-content/themes/basic/css/ 10 KB
1 KB 29ms
27ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Oct 2020 15:56:00 GMT
server: cloudflare
etag: W/"2942-5b0b22b428400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIPrHX3pUw8rzT4nwz2RSBuhq7nr7gp3aHe%2FRQWI1H873q75uH2C8qkgt9Sp%2BvutCxfMmNTUER5eg6c%2BVb6qxljW74AXpQ23A4z%2BBSoPOENFL542O0pQT4ezFF3UI259y09zUGQuXiHtaWPznj1TgX%2FLnlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebeec4e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
projectunderstood.com/wp-content/themes/basic/css/ 56 KB
26 KB 31ms
30ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.css
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 15:14:00 GMT
server: cloudflare
etag: W/"dfd3-5b0611db0de00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpZw26NvewtBmF4RuFgbai3YX4sMwGr5SSCUFGLKpU7Eaupv7AzZv%2B2jBj1jt3KE2Y1FOzPOuJ4bptXrFStgJ%2Fv26I0unjQJYJm2X4WZ2E5zrzcNwClsr10FOG2oYBU6JPs5mGN7STIWKXbgykHV%2BMh030w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebeed4e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 95 KB
34 KB 37ms
36ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/jquery.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"17a69-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gicfQNwPGkZ8zu9Q6FvgaPd6wwEzB0hr%2BSAe%2Fw6YvlbyihbZnP38qwPcuD%2FU74jiU4D3Ex0oxNxfvQP15dnXquaaNkIutbbs%2FTSrkWI%2BD%2Bw%2FbHKKx65AoYBfHCw4vyc%2FeimqszCkYmIjReS89lCyFJ5VEf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebeee4e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/ 377 KB
89 KB 290ms
252ms Script
application/javascript 2600:9000:21f3:fa00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fa00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5e093905310d1fe66bdbc3625cb484a9404b0c13d1ba1c42439152900a9d43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 13:12:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"91b453dbf6114c1bc40401a000e7e5b4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: EOQ4asUy1b3ufQ9gknGLYIwn_ZeKApmGfIbeUDen-5e6dT1AgVF5nw==

GET
H2 200 functions.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
903 B 29ms
28ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/functions.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"52b-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZlOxQLsMPE9vj%2B%2ByCdgcTKTKCJ8z%2FLJz046lc2KPqOb7Uyxl9U4X32hpnfG%2BeX06ryJVPwqP6eSXHtE4Mrtu63r3H79THftySL2%2B1PaNy1KvxK59O26Vj4iYEuHk4KY58mq6Cm8cFBD4RFqGpZy9KMmlAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebeef4e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
1 KB 41ms
39ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-embed.min.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"59a-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wyhv18C62Dx1CC%2B%2Bkhd5oyPWgT%2BOduwkfHbs%2BGLSQxGvTDn%2B%2Bb9JZw8A%2B6%2Ba7rjvGcUZ9cyU7ZrGZ1HMxkx%2B%2FSLqRvkSWsxMxxhWYSd0K38ONMprJIPK9lHgTc5ZN0kT3dDkfJG8JLPba2QxKDApnLCd5Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebef04e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 7 KB
3 KB 36ms
35ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/lazysizes.min.js
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 18 Feb 2020 22:00:00 GMT
server: cloudflare
etag: W/"1a80-59ee0cb0c5800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjQcZwQsmOFz3ujDyuYXoT2VWVzMqmLhzK0kKWpdxt0RfpIRreelNbbbC8LnSj1BY91%2FxZpJgVjJq0ZxoCmLSK%2BEHyoN6oFzRvnCD5PaMeZiDzC%2FUG637n23751ApuHLjfHb6gVQq5%2BHi9jpawXkscMuVQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c5891bebef14e6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 143ms
143ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9655802204588726

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 30 Dec 2021 04:36:16 GMT
x-timer: S1640839009.129986,VS0,VE137
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by: cache-fra19168-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Thu, 30 Dec 2021 04:36:49 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
projectunderstood.com/wp-content/themes/basic/css/ 29 KB
29 KB 44ms
44ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "72d8-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dS%2Fk9IBRM3sYkGVqy%2FBIaXG4VPiOKnQ%2FOzqBs95oWD1kX4eKSyQjVW%2FyJjGeSi3w4hq1WMJCo7ubCtUCPnWRf40pyGknkxX84DJjwaUbSjO7Oq0%2BoQib6JaBQmioyFXqu6zTxyDfymJmXUQF0T58j4IJAIY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c5891bf1e9d5c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29400

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
projectunderstood.com/wp-content/themes/basic/css/ 14 KB
15 KB 37ms
36ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "382c-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtAzVxvb14EGk%2F8Ud1DugH6PUen6%2B3FFcET0ec9XpWprtMZ%2BpdLYSyM18BHMQ%2BexGnsNoMihfab7zaFD1ri3apJajkxgn0iJH7aGzb29VeoHtT4cI7FOm9s8jp0srx5z0qX2znz90XL5vowb9SwS7X9orcE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c5891bf1ea05c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14380

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301

43 B
528 B

42ms
41ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:37:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Dec 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:37:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//projectunderstood.com/;0.15416903488873301
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 29 Dec 2020 21:00:00 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 76 KB
29 KB 19ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a

Request headers

Referer: https://projectunderstood.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 06:57:04 GMT
server: nginx/1.18.0
etag: W/"61c56f40-131af"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Dec 2021 05:36:49 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 5337 Show response
na.nawpush.com/tags/ 650 B
556 B 46ms
18ms XHR
application/json 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5337
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 780f48ffed09823bfdf9e7b0ad94eede1a41eb20e2f04522784d595a68833512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 04:36:49 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: EXPIRED

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 7ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Dec 2021 05:36:49 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 325ms
325ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9655802204588726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 30 Dec 2021 04:36:16 GMT
x-timer: S1640839009.301590,VS0,VE319
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-fra19168-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 30 Dec 2021 04:36:49 GMT
accept-ranges: bytes
content-length: 67057
x-cache-hits: 0

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
221 B 136ms
136ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.307232313945075

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 30 Dec 2021 04:36:16 GMT
x-timer: S1640839009.318191,VS0,VE130
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-fra19168-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 30 Dec 2021 04:36:49 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
H2 200 track Show response
1fb86913c3.7c4d60156c.com/in/ 0
199 B 54ms
28ms XHR
text/plain 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1fb86913c3.7c4d60156c.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI5NjMxODQxNDkxNDc1NDEwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTQuMCIsInRhZ19pZCI6NTMzNywic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:49 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 13 KB
5 KB 28ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Dec 2021 05:36:49 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 25 KB
10 KB 30ms
8ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e0b5a4c5a222720eb46c0effe46b2ed52f24f427d99227445011150b4b4b70db

Request headers

Referer: https://projectunderstood.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:38:49 GMT
server: nginx/1.18.0
etag: W/"61cb1369-648a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 30 Dec 2021 05:36:49 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2

200

1x1.png Show response
cdn.1vag.com/ Frame A6E4
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsInR...
https://rtbbnr.com/banner/in/show/?mid=1145552238&pid=0&site=10281&sc=GB&usage_type=DCH&subid=1333496379&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=pro...
https://btds.zog.link/in/912/?sid=10281&source=1333496379&idzone=0&w=1&h=1&mo=&ve=&site_id=10281&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=10281&p=https%3A%2F%2Fprojectunderstood.com%2F&tds_labels=4...
https://cdn.1vag.com/1x1.png

68 B
334 B

35ms
6ms

Document
image/png

45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.1vag.com/1x1.png
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-type: image/png
content-length: 68
server: nginx/1.18.0
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 66e2d04290d1bbfa49866f029ad5f6e5
expires: Thu, 30 Dec 2021 05:36:49 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

server: nginx/1.17.2
date: Thu, 30 Dec 2021 04:36:49 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
371 B 196ms
196ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fprojectunderstood.com%2F
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.307232313945075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
x-cache: MISS
content-length: 65
x-served-by: cache-fra19168-FRA
x-fh-no-setcookie-unroll: true
server: Google Frontend
x-timer: S1640839009.462294,VS0,VE190
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 4dda7f3bc0c9013ea301fa652feb157d
cache-control: max-age=3600,public
function-execution-id: 6xg7qyc8ayxd
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 50ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1086 / 658 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:fa00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fa00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 14:57:40 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 4887550
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: CFk_zvCWCBPDeLOF3OjA0OTFMGZdeChiegLTGpuwD9WDbTZDR0f7YA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 30ms
14ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211230

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e464945c8fbe2d4e4c6ffa4521bfe712189c765442dd62aa39eea5d0ac2a456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://projectunderstood.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5737
x-jsd-version: 1.0.1206
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"698-A2u0q2lSln0umI6SawSrm/P+zQw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c5891c23bf72c0d-FRA

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 29ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
115 B 30ms
16ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

fba46ebdcd1750405d9a0790654af7bc02727c6478d3ad596aa6ec0d55303a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 190ms
190ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Thu, 30 Dec 2021 04:36:16 GMT
x-timer: S1640839010.722203,VS0,VE181
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-fra19168-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 30 Dec 2021 04:36:49 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H3 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
projectunderstood.com/wp-content/themes/basic/css/ 15 KB
15 KB 41ms
40ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:49 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "3ad0-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2En82TBDxvG%2BX4xu2T2uTVFwJSQOTUPXhBCjdXlISNAKyXsnBpCWGYTR1kp9EYUEo%2FMST0CoS2vaccDH2%2FSL%2F4zyw6YPb2WuzPFxHP1xu5OLIcrmiCH%2BrgkFUxuGtjL%2BoUjIwl4WEGqwpejYhzfjzrguDyg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c5891c42d4c5c74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15056

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1086 / 522 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H2 200 /
mc.yandex.ru/watch/55922638/BRMSL/ 43 B
71 B 99ms
33ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/55922638/BRMSL/?r=0.11611605550693982

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.18986654803592273
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.18986654803592273

0
0

32ms
32ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.18986654803592273
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.18986654803592273
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2 200 /
mc.yandex.ru/watch/55922638/BRMSL/ 43 B
92 B 98ms
32ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/55922638/BRMSL/?r=0.08022926541517705

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.2974961165994294
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.2974961165994294

0
0

33ms
33ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.2974961165994294
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.2974961165994294
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2 200 /
mc.yandex.ru/watch/55922638/BRMSL/ 43 B
71 B 98ms
33ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/55922638/BRMSL/?r=0.6335049093606273

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22BRMSL%22:{%22projectunderstood.com%22:{%22https://projectunderstood.com/%22:%22%22}}}&r=0.5043213227728451
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.5043213227728451

0
0

32ms
32ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.5043213227728451
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
last-modified: Thu, 30-Dec-2021 04:36:50 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22BRMSL%22%3A%7B%22projectunderstood.com%22%3A%7B%22https%3A%2F%2Fprojectunderstood.com%2F%22%3A%22%22%7D%7D%7D&r=0.5043213227728451
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 30-Dec-2021 04:36:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
11 KB 566ms
565ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=121764058%2Cprojectunderstood.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010061&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=1012&adys=259&adks=264302228&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6cbe7a8b19418c290bf5d7f403839bd93c3910e6a92e4cf26797e1718648ad17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11181
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 1081ms
1081ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=121764058%2Cprojectunderstood.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010066&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=237&adks=2267234050&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

af702b200aa27251a3f43ca216756d72c7c39a0be3ca45ba7c9d057ad32f3039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11677
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 837ms
836ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=121764058%2Cprojectunderstood.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010069&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=3976328544&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

08e4123ddee794a238bf477c8d38fb10c1db08845aecc81f72dbfd7a177ad76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11743
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 272ms
271ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=121764058%2Cprojectunderstood.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010073&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=1546&adks=2765221855&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bcd0ffda31bdb80eb5b5419107d504e1e6ee60181f35c7f3f8c7611b3fe0ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10369
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
31 KB 295ms
295ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_brmsl&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dprojectunderstood.com%26site_topdomen%3Dprojectunderstood.com%26site_referrer%3D%26site_hash%3D%26keywords%3DArahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Arahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Butiran%2520Tips%2520untuk%2520OS%2520Win&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010076&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adks=4202558371&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e9fc90ad28543009c69a1a69dc0b0c3cd08c475274a8db78189248435702be12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31794
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 802ms
800ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_brmsl&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=580x400&cust_params=site_domen%3Dprojectunderstood.com%26site_topdomen%3Dprojectunderstood.com%26site_referrer%3D%26site_hash%3D%26keywords%3DArahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Arahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Butiran%2520Tips%2520untuk%2520OS%2520Win%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fprojectunderstood.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010078&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=332&adys=3301&adks=578470087&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=724x-1&msz=724x-1&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a94ed01966036c2f7c85243fa717c87fe24bb35a89e63d1a871e9cd2357131e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 560ms
558ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=515439732546233&correlator=235613263230090&output=ldjh&impl=fif&eid=31063821%2C31063899%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211230&iu_parts=41117126%2CZXNT%2Czxnt_brmsl&enc_prev_ius=0%2F1%2F2&prev_iu_szs=580x400&cust_params=site_domen%3Dprojectunderstood.com%26site_topdomen%3Dprojectunderstood.com%26site_referrer%3D%26site_hash%3D%26keywords%3DArahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Arahan%2520untuk%2520menggunakan%2520OS%2520Windows%2520Butiran%2520Tips%2520untuk%2520OS%2520Win%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fprojectunderstood.com%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1640839010&dt=1640839010079&dlt=1640839009048&idt=721&frm=20&biw=1600&bih=1200&oid=2&adxs=332&adys=6185&adks=471543404&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprojectunderstood.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=724x-1&msz=724x-1&ga_vid=1521521750.1640839010&ga_sid=1640839010&ga_hid=1335337420&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3299bba478f1298f4000659017fc3cd9bf2478e1204d828667a0743b07ce3e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12084
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5FD 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Dec 2021 04:36:50 GMT
expires: Fri, 30 Dec 2022 04:36:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 14ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aeee55c82ac004b3b61fbd69a45886d47266ed2d2c1e22b096090dafd7801ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8526
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 231E 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 30 Dec 2021 02:41:26 GMT
expires: Fri, 30 Dec 2022 02:41:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BEB7 783 B
1 KB 77ms
55ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2354d2371f2cc954bf15e9fc80afd22df9e17f8a19e9a8748557f675f5460aa8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g7c+bCV6ZVodUVgTvElE3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 30 Dec 2021 04:36:50 GMT
date: Thu, 30 Dec 2021 04:36:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-g7c+bCV6ZVodUVgTvElE3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 231E 35 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 23:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 23:03:24 GMT

GET
H3 200 container.html Show response
ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 23BA 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Dec 2021 04:36:50 GMT
expires: Fri, 30 Dec 2022 04:36:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F27 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Dec 2021 04:36:50 GMT
expires: Fri, 30 Dec 2022 04:36:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEB7 0
0 18ms
18ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=515439732546233&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23BA 0
0 27ms
26ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4ib3YjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJUCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-N_t5GGuLzf-BH-rLA7e_hJcDpOzFXNNPQbVqJ1zoGFl4gbBAa5t-AEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=N_Q__EbmY4s&uach_m=[UACH]&cid=CAQSPgCNIrLMzHQbI7ej8Cuyl4PDYMlBDQyTaaoYh2ENVNZF_EiBeXddANpMeR7Y2Whm-LqJv3ajoAYWgrN7TovWGAE&tpd=AGWhJmtWd_fDLwzgjNJHgkYkGstv8btFTUEDYMRlYrufqMeCXs8znMdbQFdhDSq7vwfAXs94osm8pzVbauidiTzEyQWldM_XZaGQMgJFS3bab73VLvuRJRlKt4rxbLgQ1_0Xsj7XWDjj7dhOdc9olc4zNDAu34Cb7m_LnmXSNc5dPES7ovO2L2QWEFNbJulOvVgzUcIPOYOBNUq19vXj9Eut2ZbbFYBG80N3ZkDruYoD6LorZm2fbExmz7Zm8sR0sCRsz6u2x-P35AwyBRH7RwHzTnnRtgfllISLnCuFRBx7wPsZ47Vhjib8Th4WkNXJMgz5cudDhc6R2wDf3KsQj5PrAYpfGgvP7lO4YKGupCxx3cngNDIbKMginPhzUy0ku7uPcloUJ4vCsB1Sq6o29rBX8fICiCm1y97nf7SDzNrS_Ro9rXJYXDgLL-80JZV06AIfdnYJix3Ry0Zp9hXM7HLsxetyfglaR-tiu4EATBL4XqrYniGyLZkSqiegZT5JiqqvsnqrG4uhypdz48NO-TiW5iudlOI_FI9mw0sdFWKMqy-GaJq4gPxynlxUBK23XlfIugpvUmnmsV7TN9uz4alkHqWnNW6RHCA5PPctXDYB-DTY1wRPcC8TMqVe_Yvhf7_b-5VNTl_3-kHPDqDee9z5URSfG2xHX1oWBiU33AY3yKKcFslajO8OrWXm9aopwveOGDg4lVIuqrLleVVIuLvO3A5D7XPrQvB2pI10ER9T0oYnRGdXbvr_WeRui1UtkoZpfYN4rPNJB-H-jnofuq4Sx51q-z0kRnxdTPwA3TpgO-b2BpRQKbrsHmo9VOFdGi-psXAmRbb-AS6pB4x9p9_l0QNcthBNMhlh-wxgwLMmRcqYeTVkcqaG3CptoGpJgdheGXfhHubw8jz0yC2qXtHSzMvjzF6G_bHkBBxGj4OaqUB6-5YUfX63MINHN9iiRs8YWDoJDSGPTZ6gM88s09e2eopigsZ7o4RoER2U54ubO1SEamZN1KKlqJJqFSGKxJx43Dirx56gZdnpsABY9IlLuugc3U6_gcgQukBGi62Zbj6oiQvCyjZJg8q5pn4YZabkUl-MmNL_6Qg_EMFTCss
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 23BA 3 KB
2 KB 59ms
25ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdNeU9ETm1ObUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjU3OTU0ODg4NzgxNzgxNzgvOTY5NjA0NC85OTY4MjAyLzQvMGlWYWx4TlNIYjdXM1l6U1lERXB1X2locnd4NWpZdmxkZ2QxNmRLYjhRSS8xLzQvMC8wLzE3NDEzNzkvMTU0MjM0NTIxNi8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MjU3OTU0ODg4NzgxNzgxNzgvenJoLzAvOTQ5OS82MS85OTkvMjU4LzkxLjIzOC44Mi4wLzAuMDAwLzE2NDA4MzkwMTAvMTY0MDg1MTYxMC80L3B1Yi01NTEyMzkwNzA1MTM3NTA3Lw/BayucGVyt2-1QHMz4CougeNZviA&nodeid=33&group=zrh&auctionid=1625795488878178178&shardkey=1625795488878178178&sid=9968202&cid=9696044&bp=a_cdhaeg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.81&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%26client%3Dca-pub-5512390705137507%26adurl%3D
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 2d6c5cc253e5f3b891b2fe1fba27713b1dbc588576c4ff427dce0ab6ee5a1d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1640839010
Last-Modified: Thu, 30 Dec 2021 04:36:50 GMT
Server: MMBD/3.210.4
x-mm-latency: 12 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x83, zrh-bidder-x1
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 23BA 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:15:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23BA 119 KB
36 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 23BA 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:19:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 23BA 0
0 30ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI6bhmN9OXI-x_P-YWv-J0CDmEof2ST6F_zysoLxwEs15BAHoHmQfsJ4nnrNAjfuZVseFKIBckuxd9wNnRUY27qjcIOw
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 23BA 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 10:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Dec 2022 10:10:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2F27 4 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 04:21:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1057 3 KB
652 B 34ms
22ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 03:19:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1057 1 KB
880 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 03:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 03:13:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1057 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 03:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 03:37:35 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1057 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:15:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1057 119 KB
36 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1057 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:19:07 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 1057 27 KB
12 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 14:00:58 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 2F27 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 23:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jan 2022 23:57:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F27 205 B
520 B 31ms
10ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:59:10 GMT
x-content-type-options: nosniff
age: 149860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Dec 2022 10:59:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F27 604 B
696 B 31ms
11ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 13:27:25 GMT
x-content-type-options: nosniff
age: 140965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Dec 2022 13:27:25 GMT

GET
H/1.1 200
OK 0waha4ezfhrk Show response
hal9000.redintelligence.net/zone/ Frame 23BA 11 KB
4 KB 43ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/0waha4ezfhrk?subid=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rnd=1625795488878178178&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: db8bbdc4aef89d1baa8bc9c953a882eb3ce857a05a215279f38cc9b0684929e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3839
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 23BA 49 B
328 B 51ms
25ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1625795488878178178&node_id=33&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdNeU9ETm1ObUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjU3OTU0ODg4NzgxNzgxNzgvOTY5NjA0NC85OTY4MjAyLzQvMGlWYWx4TlNIYjdXM1l6U1lERXB1X2locnd4NWpZdmxkZ2QxNmRLYjhRSS8xLzQvMC8wLzE3NDEzNzkvMTU0MjM0NTIxNi8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MjU3OTU0ODg4NzgxNzgxNzgvenJoLzAvOTQ5OS82MS85OTkvMjU4LzkxLjIzOC44Mi4wLzAuMDAwLzE2NDA4MzkwMTAvMTY0MDg1MTYxMC80L3B1Yi01NTEyMzkwNzA1MTM3NTA3Lw/BayucGVyt2-1QHMz4CougeNZviA&nodeid=33&group=zrh&auctionid=1625795488878178178&shardkey=1625795488878178178&sid=9968202&cid=9696044&bp=a_cdhaeg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.81&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x50, zrh-bidder-x1
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 23BA 43 B
405 B 53ms
21ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1625795488878178178&v3=1041802&v4=9968202&v5=9696044&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdNeU9ETm1ObUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjU3OTU0ODg4NzgxNzgxNzgvOTY5NjA0NC85OTY4MjAyLzQvMGlWYWx4TlNIYjdXM1l6U1lERXB1X2locnd4NWpZdmxkZ2QxNmRLYjhRSS8xLzQvMC8wLzE3NDEzNzkvMTU0MjM0NTIxNi8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MjU3OTU0ODg4NzgxNzgxNzgvenJoLzAvOTQ5OS82MS85OTkvMjU4LzkxLjIzOC44Mi4wLzAuMDAwLzE2NDA4MzkwMTAvMTY0MDg1MTYxMC80L3B1Yi01NTEyMzkwNzA1MTM3NTA3Lw/BayucGVyt2-1QHMz4CougeNZviA&nodeid=33&group=zrh&auctionid=1625795488878178178&shardkey=1625795488878178178&sid=9968202&cid=9696044&bp=a_cdhaeg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.81&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 23BA 49 B
328 B 62ms
35ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1625795488878178178&st=9968202&time=1640839010&nodeid=33
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdNeU9ETm1ObUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MjU3OTU0ODg4NzgxNzgxNzgvOTY5NjA0NC85OTY4MjAyLzQvMGlWYWx4TlNIYjdXM1l6U1lERXB1X2locnd4NWpZdmxkZ2QxNmRLYjhRSS8xLzQvMC8wLzE3NDEzNzkvMTU0MjM0NTIxNi8yMjY1ODkvMTA0MTgwMi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2MjU3OTU0ODg4NzgxNzgxNzgvenJoLzAvOTQ5OS82MS85OTkvMjU4LzkxLjIzOC44Mi4wLzAuMDAwLzE2NDA4MzkwMTAvMTY0MDg1MTYxMC80L3B1Yi01NTEyMzkwNzA1MTM3NTA3Lw/BayucGVyt2-1QHMz4CougeNZviA&nodeid=33&group=zrh&auctionid=1625795488878178178&shardkey=1625795488878178178&sid=9968202&cid=9696044&bp=a_cdhaeg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.81&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x87, zrh-bidder-x1
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 30 Dec 2021 04:36:49 GMT

GET
H/1.1

200
OK

request.php Show response
hal900023.redintelligence.net/ Frame 23BA
Redirect Chain

https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

74ms
52ms

Script
application/x-javascript

78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fprojectunderstood.com%2F&ancestorOrigins=https%3A%2F%2Fprojectunderstood.com&random=8613578762670&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 96b19651128d37581a0513fa770bbd603a81e13ba7e1f1010959fd628fa46709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:36:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 77805400025506903912182011824023
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Thu, 30 Dec 2021 04:36:50 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fprojectunderstood.com%2F&ancestorOrigins=https%3A%2F%2Fprojectunderstood.com&random=8613578762670&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 30 Dec 2021 04:36:50 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=515439732546233&bg=!FRalFlLNAAZKWFskSlg7ACkAdvg8Wu44OdU4Ncriylr7dkdWlz_PE5iEibdBjjRMJuG0q87cfLS0TQIAAACqUgAAADdoAQeZArGEoqZjhuXmwTYH0zzgBjg19DHw3Kn3M7CX1n39OhXRudwnDGnBsqQPLJuv9dnQymyBMRqluytKi2ZJd3cOCEWnfHcXHv99C1DWnQXzWTLW-ZU_LJTxILwW8JuZFhxhO5BfC5gT9IvA9WM3UMAH-LZm4J-9ie3thZnyDKwvUU35-s5O23dAQhNeFQm3E3frVkU6K3FyEw1kvSgDeGbVN2CA_HrQmL-pcK4SNrGzoqtcXNmu6C8EqQoogcrT47wfTpMwL7H9-qdlkNT-TWyHOz6oWdNaRV-Xrx_Eyv5WWatBKoRUMLXcSSc00dniwG_m9_K0x-YmDSRhu8WOa0fSxnMmwSxidLqhYeaf3OE_StkRCQ2rZhYM8JatyvRAEYZlPhkqw-8JL5gw8R3vkQbHRWEp1I6fEXKoMnPDTgiDCrT-oy67t0z9iyxZ1bAuihCJsyimdsGB5nUTXckWX3PD-WjP3ptrcGj_mkH02UXID8TZbJhi2VbVdpWbNsuk3F0nfjAGRNmoyz7riButdI5a_D8R08eU2hNLbOi7lmMw6bTFtQzUCwmUtooifs8lcL2E-sd7wZNM2tJYM2PURpMUNqE68Wigh1ZFvvnXe2oXYLW1BH97aTeKBFaVFOlYb_52wv_rmFDd0d_8H0p01jSltskNqz0Wyt7MBTdEgAOmOi9O6uVz1cjpEz3xk7sdpHlRNrdWw2TYdfKUOK02vvElXESVvTzKGzR_7-kyJt4YnnuDVVM4rob1XaYh2-dc_Nucs0Yr5zmcZwG2nFrcbT5K4TKN5fE80XJHG5sHXFY0Py09sIGRpaM_800X_Q4nGZNDdpASqiQiIemFPly_zsVVIJgG-gDgM4HC936snhytFwfDcIjg2YIZBoacEtsXHyL9z6A0WEyeIxaSonzed0fNGN__7A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame D425 189 KB
54 KB 74ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D425 13 KB
6 KB 72ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D425 89 KB
28 KB 83ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D425 5 KB
2 KB 85ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame D425 40 KB
13 KB 82ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D425 3 KB
579 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 04:21:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D425 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81059
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D425 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78636
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D425 0
0 23ms
23ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw2KZYjfNYcnnFbeT7_UPq5SZiAzGsvHpYqjMh_O2DsPf_vWVDxABIIbhhSpguwagAcixqc0DyAEJ4AIAqAMByAMKqgSJAk_Qhe_a15fo947yf9wgoL-SySN9xOOCIDex-zS60kpR2hr_hFcWtaLe_Ae1Il8diOy95AVjhfBLM7eL3y7kQ3BjxOMG4GBReCa0n7rJ5opR8CITKVVmBrHF0hFm2e_XpZpYIYQCYp0Zv-OIn3sfB7jdBuUt_PsVkgSQVHL5-JJsJIYSZH0Nj1ufCHH4VEiE-D1ScKLxgjZaiQVxq8sEOHiEeD95iqc_BwDZC9qL82XkYB9UwAW66n-lT9a_RUYabEXdcka47Z9pE78oBudDGhex_8xprXXJiYJlEgFv_jJPAB5wMaDF3IcIrzsMBMkZnhL9PkbeGr0-rBawy55D9zEH2O2fGngGSTbABLLUoMiKAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfk6uI1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgYYP0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDNAVAYAXAbIXHgocCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4GP6rHQ&sigh=jEONN2Z_nHM&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 container.html Show response
ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8ED 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Dec 2021 04:36:50 GMT
expires: Fri, 30 Dec 2022 04:36:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D657 3 KB
1 KB 55ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhiG8qy9ATAB&v=APEucNVegZ8p2HVZnkswcv3K7CYgzLZIZYSV-KkwRZ3jm19QMQ7vvNPnewTMrCPzGfjA1b6kaMXv90t8zr2ZafPeWSJ4FqG1z7sT3wWmfuVd5B8ufeJtpiyR_Yy023BHGsOIGPFM_g4gMndeKRtDDqAqdzh7fKnJk3CgVYsl5NFwimdD-Usdr0qAyGjXGkJ2vMcBcRVqk_raFdE6c7QW2IoZMfFnAHnGRJArxGUixfFzKgWfk--1Z-tRZD0YuO1DbnK04k0rfnw2d2Vmk-ZzWzVyUJ-XxY1AesdhSUYckPts8nzcwRk_Jg3lMlBhtpNqDOUG9FD0_ypKrl5Hdfokr2vYHqvptc0AA9ZXvsZ747JaCujF7IChoxpt0D7GHmQXqN0HIOKVUyjcwYH1UiIgmS0R4wEFftQQcIzBPr-iygYl3AVHbKrZITn8RsD9Nwz3LeAB6DDgPZl2iuSoageHXn0idnvtFZn69cXkfl6hdeA5oDbkCE6KDxFy619GMZ2864ZerBhnnbGXPeESNGCVd9OzObIqJXQ_0sYnS0xmt5xz4ePQecV4YrxRWD4VJ6n2TfMoKXLIIDsdJbV2xlJvZwaAUXBuqG2GgMnw6To6BxXBW6ymXcLEGeBrylBjKHEh7t86c-_HIpmuYmNiN1rHXS3OMlipgEBDibRAXilwO9czw8LG928IC_aphObbKNghIFMbJr8en71H5-vcY36BCPcAFf_WUEZZxS9psQG7eXgV5BUQ8ivvRz4Dmzvk3umKJiJIftbGxSEJngjVDwEVRgNxHKYOlGUH-CGNq_PAhaF7aYPQCnQ42iN3cDxY78W3rLVqRK9sE_IFryTLBQConbyU9Q6QARRE77bpMc2AyG0Z9ABjKw_BINwNQtIh1jtmQ5gu2smafgZ8-915t9FE8Ng9d_HoiI6D54yeXzCWR7-lO_oOBm_WbqbvZOIs36AxMx54NqcR8_vIAHJ7un1owgzbGoU5_WWWPUyhfb91Q9FE6_cCzeahc8giTEYkFYGQq5z_STX4vNo2C3MELSz8L0QPZCJud9xozg

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

069d369e54f34bbabd5a8532ec638059f5ed54d0a265becd9856f8f21e08fe9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Dec 2021 04:36:50 GMT
server: cafe
cache-control: private
content-length: 877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A8ED 12 KB
9 KB 75ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnVK3z0EJnPg4eN_eXYx9nZi5WEop44WWT_JNvsDsQ91rCSUnWJA8N0gdrSMmRcCjG8uv7cYIMST93d8Sp_H9qxjx4xModNb3h1VsPPLchtpx2OZovzttPwwnDpu4UfN5dqjEc-ZRQP8cOza1VbGMnnrQDVQ&cry=1&dbm_d=AKAmf-DucT9CyKnTaAYNJO63rTUoN5gY5PG_8tVf1yFKjqnpjBY2IS6Kb1KrGG9xXq7za682DzI_zbcdF7AkZvEs41MsHp7Z6ctpSGNofB706NogcqWPyqz6XS8JFMMMrSGVFz9ZekDIcoQjWDWqvN_eTwnLkjbUYpNI277wnAPj9L0sbMgN2tH8seZ-r3K5LQCRgKLgkIA5veMLFBrSwzG0B-sM8y9_My5PVnwE3qWJGXB_aQm-4xOvyXCrtHSWy3jxeJpzPa4QO8bx1OyebmGNfFlymyha5h5nUVtrj4X-daIO0vcFvK9xVk61txMtQ0-fK4PZ4FrcjJQCxf9c6jWq7IZp6OYiHjna7sMYxRN-kvAPcYPitUwQ5TFoYfIqR2VVKYTuHEfK0k-5X6hxvTKrKmPoSvKcCWM6VSrc0airWYnDXGw1fkcI0PZjOVlyZwew3IY6OqPY7XpG3dhVSW5A6QpR3dl_Qfxq_gCtDluX4dQhDbxcU3-JUNkljNP2YqntYsyhxdTDr24mJGBEeRBvp0t10oDgw03O520FGLV7FRASVuESzK3zKK-rdbokVLJ0N9DHKrAjurqjQv3XOGeSPinzcy1ZSUa93TYCdSEqk17m4FIIfdDASgfrODH42e2MqlYS7apYQj6juNsdtfjV46HvY2Qid7i0yVQ1GE14l4lOKdzzu2xMN0ChA4PuSxkQyf7DuPvgTtNLMM2KRWnopdmij68wzQvcwUgd0faFo5HuRcwXG5PtnheZBw-7g6MtrqPCE54vIbFcfRzOL5B-D4RAFcVd1cNUjaS14nCi17iim-0cFYcM-uvDczxSjoY_aYiZirOkYGUBFlUbz-969U-MA1zG-U9FNxnMEJG4fslKRXN9o1K2N3QCGre5Z12zBglhCQN16lO1VpQGWCjzJ_VsyJGjSY8GGdaBYbLeogBOxSFoCw5xsjBqyKVYvpv28TnUZgKnK7mNow-Lv99VLQ_Af94NkoN6uWAMttZuvkW1joqN1aoz47zr7qEOcR8LosAbzH1iFWbHbWjJ8QTTu1ziVGOwvVooCuMoYhzGfoDx3HKhmaBsJhnEEGja1wQTtBV79P6Lx5vyBxPTtUMGv8VyRhmXdsufxEsxbh6yhBKxFnc1MWspWRrq2KlBpzwDEi_U0hBKgiJ7GwvTSN2zNbvjEsl6oBXc2utWgIr_67TPA2hAavmZUiSid0LnG02hCr4d1oDe9kgnsvosCYyq3huhtEMPBOGXbQrNHp_-mwid3B8fwjRFGDO1Fa9BH7SPm0t6UyBFr5zpn3XTK_C4yGCCdi8v-rjHbBd7Akn-cjENYMOlxk5QkFnvaUYE5z-JqdQvs9EPmK2RmxPxgzrXhfLd0NST1lQ8z9_CU1qDCBngVnIBTv_U8tF-Uya6l-Ld3sXunZVP0RfWq50ldKh4Z329OO78Dr37AGC1a8UBFoJ5fiyxY0rBVkAbaG3Z1SKgbcNsktPqPc7FuiYU76pmnIuf8XzmHPZaZZRdbVufSeHTfxJmzHyqyYwIv-yslRik8WI_qxZiKYVImqbIRGOKcboZeNIREwHKTYIi_0FzwNQLMlTW0nxvl0IXT4JTWJfH1pQy5bUOzjkHafofeCzo3L8AOHZ_kXaQQ5gMcXpNpLhMLZBTLiN4nr7wmuVxbOFEQOds0ChPYwGb7HxkdjONv21UAaYBTG0XKDA0D0VrASH8XhNkd_eC6f0ZwsP-ZR0RKC66BAQo-pwFKLpSJL06aM1GKjVDS-NBfMFNKU2B2qfodwaA9sRIny40yBe940qj91flHAexussgP0qP0JNLkhTgNrQ2fK1CRuSj-iRDva6xqNN1qqw4WjnfzsHHwXGk24CeBCslGWSY_mlMo3VNJLz1QMdBg7ocd6kpZ78tuHt8B3VY5mN-_cq6B3LqxyaMvdbrJFPFfccZhaDHvmpGmrXLGX7-PrpNJOrS9hWrO89QvT844wU_jrQvG6W3Qxy4ZlROjVFOi9iQECCUchX2ykHskq-vMQaq_XZiV_DSqARokLG4Lc8i9vMEuFol_ihSHBXS0pnh8RWsoug4IGS7fObNHLvKuR1jQzIokDVbRHC2X0hr-FUIPETJo2MaoNfbZpo4Jwr_kUOgC9SfV-i70AcR1O-gJm9wAvew1A6-4nWz5F0pmU_Gl2kYIHXhm2YEeA2USfM2ivWuf-Zcvlo0FedxZM93yZfH9_Xbu6fsg-5BIREvZvoT9Ps1J5olHJO-hoqRKJG763cdoaAaiB4OfPB4b0jddR7MK2_zbuAp1TQHVlA8ESyWpxF5BpXf2W4xgpFN9PNKCHNR57oSZ1bxP32kPjuRICmCkGGoaulmvDmVZG3ELKHv4Ck0vszkkCVzcrQSKLrFQzHo5POHEwto6fCSckeo8n2ArpW-tdJ55hrBF7L1Eu_9EuRGx8Xy4KjNnDfs8_fxTdO_GKNGHnE-oHuKJAkGRTV0duXU1n61FPdZ8tKzESSVb6Q9x2AVfj1UElYJHO2atHzWUzm65Sr_jR7XG4MJJM5IBh2V-phsh9inV6LXQBzxix4mPKzZ-ZI5iT3A8HDf0AnwbxBJGGVweByIhT1lXP7Uln-th_0LsJxtxLI8rs_xyOWnxqvfq_Jaicn18PqJc-6KJzY9JA6aAsS1Sx5QL2OjviezfZcIE7BXInX2BqWKC701gLkmycHdkN8ZlItdf45khz9ag8azKZfTQOLGO1DBrAWI9BbBVnvQrGt_G9TEt4bWeWmjOA4n5EIpZGFaiScSanJNlM3Qj1AjfHl7c_Sc96ETGrP_ocFRd_F3pnNiQARP76rfLoIPnFbl8HRwFSKtXlz2k_ZGkrj4iieG9e8tno-VtfRv-sJzFXrEP5NPBbS_splEMLqiZOManXH5O6YuF-d3mTfawsjroTVzmuoD013H5dUcx-89I8mhUlEbZBL-d5eYcj1YrIujFxVqEjPVowt5TohQiahVqirudtqtD6gatAIISIntKY8MR0eYfRyFfTwm97jBDCSZhZZYd86Sgc4goLEIH-SvINwwdpM9mBCR4aDhX4AdZ-2jDoCmyuKIiOfpAXVMSmiLnQUMFULK7d314i6-g8LFSUJT4x92vhh5nTTDJBGK36HOFgTxscQgVE82J1rUQKktcG_xwOihMxrZt5VLc5saQjOxFwdmCgO0OZRykKsXFpnHP8SWsNRn_ug4FdLw1HiLOt52Sn4KEdkU1FibNrJlzjHidpjyTROvsHZMaWlxj898J12dRehouETpaSgt4l9py7Z0vCmtwnvubRs7rHN3pj1xEDKvuZIDAtHJsqCbRQztvYR-CXx87jpKHNB47xHgA1Kx9lgYp4DjJR-AUSYErYVZAPCy4l7_9zeUgtVT5ZyLFjsyBElwzp0-4tsNtLQB0LbqgRO5m2ieTdJAuLZ81exBN8JneWglM10ZX2A1b7auxYqSo_InQvBGtO5MHqhqR_QPREn4zxBS2yUkXoygd6RaObGGD4JqQqr8VDaII8PL5XDKGEwtlaf2z8KR7vdw7Mw6b8I6n-4v01lQQuU9Pkywsxdc9NilVmGykCCIU1pwTTa34sLSZQBmzFx2zVTZXdnmIwvu2eU_YsATM-P7DMRwddKow_HX7QIQTY7jQoGSEjtatbVyJv6FwiRfzPc_8HBnbc1uqPmWpjDFWI-EI--iQTq3rTnuoKFkl0o6VmK5FVNYhs94h_yVqyT0JKy2kIkzcAw9rhafcAwzp6etV9bGbmXONgtwYPdms4fBwuYpq9460efrLazlhmhtGX7v2NQw3R6_S80qAtKn-mp6otySxeZj8p0smJS6nr5vZHapmlvf9fFIGlvzEkTEbQ5lK74fHywIbMaenXkDtXf7P9JeeUHGd_5TJDvP11C1plhQlbT_voaztLeedlZ48PG9RG3QD3HGSjFYQF2adceJaYTMluB55qZQpZAzcY9LLOB6mW3o6IYOVNQU4BHyEaYw8W4UPYxvrcexQG5ZgT4npxD6EPHScioJPXN1GeeNECdUH09Kelc9j7otAJfoGyj9DYE_xs_cOCcpePKW_EdwshsN7OUO2D1PMNy7h9hNJ2Y7ypGAymMk-Kp6vzCRWwnRb9feDrSkswA08CY9FLA8AEky_SguxlfDVjiM8AnX7FoYn8v-__BwU863bNBsNR2ktH8rPqnBfiGUV4YmnUSwUC-Hb1paRZIiSlUZhZUk6q67tnLdMZ84FeB-FfVkG1wlt12HveDGd9QH6rOh0TYiqWFFEw&cid=CAASFeRoj420wpByz_RFB-4bwZvgT5gZvw&rfl=1%2Chttps%253A%252F%252Fprojectunderstood.com%252F%240

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b447bfcccae429616bd2845eec428cf3fadccfda944c1fc465cb572a3e03e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8989
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8ED 42 B
63 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-y50zmFF7iQFxF2wvl5txuYLmfjQzwxqVnjOjXMVu9b6hs0Yw4ZzOHm__WIMz6O-QXXjmlXM0qpQR-kDP5WHhPMU2ZTFgK5v8Szu4jKT5bw1AtLs

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/902386/59097919/dcm/ Frame A8ED 229 KB
76 KB 135ms
56ms Script
application/javascript 52.48.8.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/902386/59097919/dcm/dcmads.js
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.8.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-8-1.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76c189ca479597ff09f1dcb2843db2c459cd3b57e645372c58432cc68e24be21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/653659/59025458/ Frame A8ED 46 KB
13 KB 134ms
53ms Script
application/javascript 54.171.159.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/653659/59025458/skeleton.js?ias_dspID=64
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.159.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 25458710c58dbcd741550edba126286ce69b0896f2f2b93c77faa71de01337ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame A8ED 47 KB
14 KB 135ms
55ms Script
application/javascript 54.171.159.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=18517273&campId=47474520&pubId=1&chanId=1184590230446&placementId=397097222&dealId=&adsafe_par&impId=ABAjH0h9z9S1JGdzRAKyOXlhasdi&bidurl=https://projectunderstood.com/
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.159.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef3b5249deebad9ff0f54554a3ff8c4db0e21062e4d5644f4f2a9d2e23d22b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A8ED 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:15:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8ED 119 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A8ED 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:19:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A8ED 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUulsNSRiWeiU3Xly2QS17cfUW4fd5mjDqtNnTsEj9V4Ua8FscbM4VOyreSsxAuWJo4TL0nBnOqIIbr-UMnSwjsqQJrA
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4435035286995157126/ Frame D425 66 KB
66 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4435035286995157126/downsize_200k_v1?w=600&h=314

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd7fec251b640af1d9f35f661b46ed5bf67fe3fab2b2cbca0171a659911d9b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 14:47:55 GMT
x-content-type-options: nosniff
age: 568135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67117
x-xss-protection: 0
last-modified: Fri, 30 Nov 2018 10:29:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Dec 2022 14:47:55 GMT

GET
DATA 200
OK truncated
/ Frame D425 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D425 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8425ac294074c771f441d02cd978a9ca5b3dc44cbeb59e43f735f269b5f805a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D425 21 KB
22 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:56:24 GMT
x-content-type-options: nosniff
age: 150026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 10:56:24 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D425 21 KB
21 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 116961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:07:29 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900023.redintelligence.net/ Frame CDF5 7 KB
3 KB 37ms
14ms Document
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b
Requested by: Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=0waha4ezfhrk&nw=20&renderingType=javascript&namespace=cc61818fac&subid=&uid=3979aa2c0cd5dd37&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1625795488878178178%26mt_id%3D9696044%26mt_adid%3D226589%26mt_sid%3D9968202%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_cid%3D1abf61cd-3762-4501-93df-5ca03cfde111%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzOjAYjfNYenvB5eI9u8PpNequAPPh46bXMCG2YLGAsCNtwEQASAAYLsGggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQngAgCoAwGqBJgCT9C7BX7UVmAs8uUFwXguEL5Yam8HkQNc_7ZdpjgWAGOVvhApLrkf9iNaA_1j9gAGbaEishhedhjDAVyLh6pyFM-j7PdsVbGImJso4zTrE7Qqou97TsIir-JxNNv8lIC9Ej17dK6RoG7k5xEm3aS3ls0_BqS19-xIo-ayy5NTWRLobhUMFh11XH6dyUYhFfP2FTnwS02Ckhjb2D_TXJgPo4kgrn7P9Rp-PkGcFU6q1BHb085zXzfA6FW_CFk1YwgYZZqvetSlFycXf6Xxr9vhaj4T0E1uBVNh7c-mr8cRR11J2lQkVRFhUdo2ozDMp-M9tbAUFAB7_5xa5BvjO1e5bS5EcF_jLBWmluLaNCCbu5C1nbq-OixbhuAEAYAG-5SAodn857m4AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_302jurs5N9L_q4PrxkugoA9vkHKg%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fprojectunderstood.com%2F&ancestorOrigins=https%3A%2F%2Fprojectunderstood.com&random=8613578762670&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 9fe42305550c4e58581ca1de874eb04edd55d9b2a0fe193e3e0ab6cad3a71b8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 30 Dec 2021 04:36:50 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2314
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 23BA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d6a2bd5e862376fb62ec99ddc5e50d561eab3aeedb772996725f65f091867cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D657
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhiG8qy9ATAB&v=APEucNVegZ8p2HVZnkswcv3K7CYgzLZIZYSV-KkwRZ3jm19QMQ7vvNPnewTMrCPzGfjA1b6kaMXv90t8zr2ZafPeWSJ4FqG1z7sT3wWmfuVd5B8ufeJtpiyR_Yy023BHGsOIGPFM_g4gMndeKRtDDqAqdzh7fKnJk3CgVYsl5NFwimdD-Usdr0qAyGjXGkJ2vMcBcRVqk_raFdE6c7QW2IoZMfFnAHnGRJArxGUixfFzKgWfk--1Z-tRZD0YuO1DbnK04k0rfnw2d2Vmk-ZzWzVyUJ-XxY1AesdhSUYckPts8nzcwRk_Jg3lMlBhtpNqDOUG9FD0_ypKrl5Hdfokr2vYHqvptc0AA9ZXvsZ747JaCujF7IChoxpt0D7GHmQXqN0HIOKVUyjcwYH1UiIgmS0R4wEFftQQcIzBPr-iygYl3AVHbKrZITn8RsD9Nwz3LeAB6DDgPZl2iuSoageHXn0idnvtFZn69cXkfl6hdeA5oDbkCE6KDxFy619GMZ2864ZerBhnnbGXPeESNGCVd9OzObIqJXQ_0sYnS0xmt5xz4ePQecV4YrxRWD4VJ6n2TfMoKXLIIDsdJbV2xlJvZwaAUXBuqG2GgMnw6To6BxXBW6ymXcLEGeBrylBjKHEh7t86c-_HIpmuYmNiN1rHXS3OMlipgEBDibRAXilwO9czw8LG928IC_aphObbKNghIFMbJr8en71H5-vcY36BCPcAFf_WUEZZxS9psQG7eXgV5BUQ8ivvRz4Dmzvk3umKJiJIftbGxSEJngjVDwEVRgNxHKYOlGUH-CGNq_PAhaF7aYPQCnQ42iN3cDxY78W3rLVqRK9sE_IFryTLBQConbyU9Q6QARRE77bpMc2AyG0Z9ABjKw_BINwNQtIh1jtmQ5gu2smafgZ8-915t9FE8Ng9d_HoiI6D54yeXzCWR7-lO_oOBm_WbqbvZOIs36AxMx54NqcR8_vIAHJ7un1owgzbGoU5_WWWPUyhfb91Q9FE6_cCzeahc8giTEYkFYGQq5z_STX4vNo2C3MELSz8L0QPZCJud9xozg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Dec 2021 04:36:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1150
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D657
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkV...
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.32...
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...

43 B
894 B

19ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhiG8qy9ATAB&v=APEucNVegZ8p2HVZnkswcv3K7CYgzLZIZYSV-KkwRZ3jm19QMQ7vvNPnewTMrCPzGfjA1b6kaMXv90t8zr2ZafPeWSJ4FqG1z7sT3wWmfuVd5B8ufeJtpiyR_Yy023BHGsOIGPFM_g4gMndeKRtDDqAqdzh7fKnJk3CgVYsl5NFwimdD-Usdr0qAyGjXGkJ2vMcBcRVqk_raFdE6c7QW2IoZMfFnAHnGRJArxGUixfFzKgWfk--1Z-tRZD0YuO1DbnK04k0rfnw2d2Vmk-ZzWzVyUJ-XxY1AesdhSUYckPts8nzcwRk_Jg3lMlBhtpNqDOUG9FD0_ypKrl5Hdfokr2vYHqvptc0AA9ZXvsZ747JaCujF7IChoxpt0D7GHmQXqN0HIOKVUyjcwYH1UiIgmS0R4wEFftQQcIzBPr-iygYl3AVHbKrZITn8RsD9Nwz3LeAB6DDgPZl2iuSoageHXn0idnvtFZn69cXkfl6hdeA5oDbkCE6KDxFy619GMZ2864ZerBhnnbGXPeESNGCVd9OzObIqJXQ_0sYnS0xmt5xz4ePQecV4YrxRWD4VJ6n2TfMoKXLIIDsdJbV2xlJvZwaAUXBuqG2GgMnw6To6BxXBW6ymXcLEGeBrylBjKHEh7t86c-_HIpmuYmNiN1rHXS3OMlipgEBDibRAXilwO9czw8LG928IC_aphObbKNghIFMbJr8en71H5-vcY36BCPcAFf_WUEZZxS9psQG7eXgV5BUQ8ivvRz4Dmzvk3umKJiJIftbGxSEJngjVDwEVRgNxHKYOlGUH-CGNq_PAhaF7aYPQCnQ42iN3cDxY78W3rLVqRK9sE_IFryTLBQConbyU9Q6QARRE77bpMc2AyG0Z9ABjKw_BINwNQtIh1jtmQ5gu2smafgZ8-915t9FE8Ng9d_HoiI6D54yeXzCWR7-lO_oOBm_WbqbvZOIs36AxMx54NqcR8_vIAHJ7un1owgzbGoU5_WWWPUyhfb91Q9FE6_cCzeahc8giTEYkFYGQq5z_STX4vNo2C3MELSz8L0QPZCJud9xozg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Dec 2021 04:36:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPS4u6oE_r-R3ZtLDFJ2dtg&google_cver=1&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame D657 170 B
502 B 48ms
18ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~440.1842.1364.494.415.1878.2572.839.1889.1810.66.253.864.1033.1051.1558.587.1651.2575.2985.817.3154.2072.1716.540.495.1365.1419.1570.272.574.326.1577.2109.2253.2357.1721.1415.491.2526.2202.311.2299.196.2677.1591.149.167.2177.70.1127.449.1276.1929.1186.938.733.323.981.1301.1211.93.1765.89.1290.3052.1031.1092.1725.486.1205.867.1870.2571.317.162.482.1230.1097.1712.2316.338.2628.1201.259.241.108.144.122.1449.1564.2373.1215.780

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhiG8qy9ATAB&v=APEucNVegZ8p2HVZnkswcv3K7CYgzLZIZYSV-KkwRZ3jm19QMQ7vvNPnewTMrCPzGfjA1b6kaMXv90t8zr2ZafPeWSJ4FqG1z7sT3wWmfuVd5B8ufeJtpiyR_Yy023BHGsOIGPFM_g4gMndeKRtDDqAqdzh7fKnJk3CgVYsl5NFwimdD-Usdr0qAyGjXGkJ2vMcBcRVqk_raFdE6c7QW2IoZMfFnAHnGRJArxGUixfFzKgWfk--1Z-tRZD0YuO1DbnK04k0rfnw2d2Vmk-ZzWzVyUJ-XxY1AesdhSUYckPts8nzcwRk_Jg3lMlBhtpNqDOUG9FD0_ypKrl5Hdfokr2vYHqvptc0AA9ZXvsZ747JaCujF7IChoxpt0D7GHmQXqN0HIOKVUyjcwYH1UiIgmS0R4wEFftQQcIzBPr-iygYl3AVHbKrZITn8RsD9Nwz3LeAB6DDgPZl2iuSoageHXn0idnvtFZn69cXkfl6hdeA5oDbkCE6KDxFy619GMZ2864ZerBhnnbGXPeESNGCVd9OzObIqJXQ_0sYnS0xmt5xz4ePQecV4YrxRWD4VJ6n2TfMoKXLIIDsdJbV2xlJvZwaAUXBuqG2GgMnw6To6BxXBW6ymXcLEGeBrylBjKHEh7t86c-_HIpmuYmNiN1rHXS3OMlipgEBDibRAXilwO9czw8LG928IC_aphObbKNghIFMbJr8en71H5-vcY36BCPcAFf_WUEZZxS9psQG7eXgV5BUQ8ivvRz4Dmzvk3umKJiJIftbGxSEJngjVDwEVRgNxHKYOlGUH-CGNq_PAhaF7aYPQCnQ42iN3cDxY78W3rLVqRK9sE_IFryTLBQConbyU9Q6QARRE77bpMc2AyG0Z9ABjKw_BINwNQtIh1jtmQ5gu2smafgZ8-915t9FE8Ng9d_HoiI6D54yeXzCWR7-lO_oOBm_WbqbvZOIs36AxMx54NqcR8_vIAHJ7un1owgzbGoU5_WWWPUyhfb91Q9FE6_cCzeahc8giTEYkFYGQq5z_STX4vNo2C3MELSz8L0QPZCJud9xozg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D657
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyMjI1ODI4MTY1NDY5MzA3Mw%3D%3D

170 B
232 B

15ms
15ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyMjI1ODI4MTY1NDY5MzA3Mw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 04:36:50 GMT
X-Proxy-Origin: 91.238.82.153; 91.238.82.153; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7f1f6a70-0610-414d-a0ce-4d9649503649
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyMjI1ODI4MTY1NDY5MzA3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame CDF5 89 KB
32 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 15:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Dec 2022 15:56:13 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame CDF5 747 B
941 B 70ms
17ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51954937;click=https%3A%2F%2Fhal900023.redintelligence.net%2Fc%2Fpfs909vgiwa2b8u%3Ftprde%3D

Requested by

Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1131f28649bad8264539ac314ec45a83494b96bbf0940f2a04c622e99d49a97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A8ED 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnVK3z0EJnPg4eN_eXYx9nZi5WEop44WWT_JNvsDsQ91rCSUnWJA8N0gdrSMmRcCjG8uv7cYIMST93d8Sp_H9qxjx4xModNb3h1VsPPLchtpx2OZovzttPwwnDpu4UfN5dqjEc-ZRQP8cOza1VbGMnnrQDVQ&cry=1&dbm_d=AKAmf-DucT9CyKnTaAYNJO63rTUoN5gY5PG_8tVf1yFKjqnpjBY2IS6Kb1KrGG9xXq7za682DzI_zbcdF7AkZvEs41MsHp7Z6ctpSGNofB706NogcqWPyqz6XS8JFMMMrSGVFz9ZekDIcoQjWDWqvN_eTwnLkjbUYpNI277wnAPj9L0sbMgN2tH8seZ-r3K5LQCRgKLgkIA5veMLFBrSwzG0B-sM8y9_My5PVnwE3qWJGXB_aQm-4xOvyXCrtHSWy3jxeJpzPa4QO8bx1OyebmGNfFlymyha5h5nUVtrj4X-daIO0vcFvK9xVk61txMtQ0-fK4PZ4FrcjJQCxf9c6jWq7IZp6OYiHjna7sMYxRN-kvAPcYPitUwQ5TFoYfIqR2VVKYTuHEfK0k-5X6hxvTKrKmPoSvKcCWM6VSrc0airWYnDXGw1fkcI0PZjOVlyZwew3IY6OqPY7XpG3dhVSW5A6QpR3dl_Qfxq_gCtDluX4dQhDbxcU3-JUNkljNP2YqntYsyhxdTDr24mJGBEeRBvp0t10oDgw03O520FGLV7FRASVuESzK3zKK-rdbokVLJ0N9DHKrAjurqjQv3XOGeSPinzcy1ZSUa93TYCdSEqk17m4FIIfdDASgfrODH42e2MqlYS7apYQj6juNsdtfjV46HvY2Qid7i0yVQ1GE14l4lOKdzzu2xMN0ChA4PuSxkQyf7DuPvgTtNLMM2KRWnopdmij68wzQvcwUgd0faFo5HuRcwXG5PtnheZBw-7g6MtrqPCE54vIbFcfRzOL5B-D4RAFcVd1cNUjaS14nCi17iim-0cFYcM-uvDczxSjoY_aYiZirOkYGUBFlUbz-969U-MA1zG-U9FNxnMEJG4fslKRXN9o1K2N3QCGre5Z12zBglhCQN16lO1VpQGWCjzJ_VsyJGjSY8GGdaBYbLeogBOxSFoCw5xsjBqyKVYvpv28TnUZgKnK7mNow-Lv99VLQ_Af94NkoN6uWAMttZuvkW1joqN1aoz47zr7qEOcR8LosAbzH1iFWbHbWjJ8QTTu1ziVGOwvVooCuMoYhzGfoDx3HKhmaBsJhnEEGja1wQTtBV79P6Lx5vyBxPTtUMGv8VyRhmXdsufxEsxbh6yhBKxFnc1MWspWRrq2KlBpzwDEi_U0hBKgiJ7GwvTSN2zNbvjEsl6oBXc2utWgIr_67TPA2hAavmZUiSid0LnG02hCr4d1oDe9kgnsvosCYyq3huhtEMPBOGXbQrNHp_-mwid3B8fwjRFGDO1Fa9BH7SPm0t6UyBFr5zpn3XTK_C4yGCCdi8v-rjHbBd7Akn-cjENYMOlxk5QkFnvaUYE5z-JqdQvs9EPmK2RmxPxgzrXhfLd0NST1lQ8z9_CU1qDCBngVnIBTv_U8tF-Uya6l-Ld3sXunZVP0RfWq50ldKh4Z329OO78Dr37AGC1a8UBFoJ5fiyxY0rBVkAbaG3Z1SKgbcNsktPqPc7FuiYU76pmnIuf8XzmHPZaZZRdbVufSeHTfxJmzHyqyYwIv-yslRik8WI_qxZiKYVImqbIRGOKcboZeNIREwHKTYIi_0FzwNQLMlTW0nxvl0IXT4JTWJfH1pQy5bUOzjkHafofeCzo3L8AOHZ_kXaQQ5gMcXpNpLhMLZBTLiN4nr7wmuVxbOFEQOds0ChPYwGb7HxkdjONv21UAaYBTG0XKDA0D0VrASH8XhNkd_eC6f0ZwsP-ZR0RKC66BAQo-pwFKLpSJL06aM1GKjVDS-NBfMFNKU2B2qfodwaA9sRIny40yBe940qj91flHAexussgP0qP0JNLkhTgNrQ2fK1CRuSj-iRDva6xqNN1qqw4WjnfzsHHwXGk24CeBCslGWSY_mlMo3VNJLz1QMdBg7ocd6kpZ78tuHt8B3VY5mN-_cq6B3LqxyaMvdbrJFPFfccZhaDHvmpGmrXLGX7-PrpNJOrS9hWrO89QvT844wU_jrQvG6W3Qxy4ZlROjVFOi9iQECCUchX2ykHskq-vMQaq_XZiV_DSqARokLG4Lc8i9vMEuFol_ihSHBXS0pnh8RWsoug4IGS7fObNHLvKuR1jQzIokDVbRHC2X0hr-FUIPETJo2MaoNfbZpo4Jwr_kUOgC9SfV-i70AcR1O-gJm9wAvew1A6-4nWz5F0pmU_Gl2kYIHXhm2YEeA2USfM2ivWuf-Zcvlo0FedxZM93yZfH9_Xbu6fsg-5BIREvZvoT9Ps1J5olHJO-hoqRKJG763cdoaAaiB4OfPB4b0jddR7MK2_zbuAp1TQHVlA8ESyWpxF5BpXf2W4xgpFN9PNKCHNR57oSZ1bxP32kPjuRICmCkGGoaulmvDmVZG3ELKHv4Ck0vszkkCVzcrQSKLrFQzHo5POHEwto6fCSckeo8n2ArpW-tdJ55hrBF7L1Eu_9EuRGx8Xy4KjNnDfs8_fxTdO_GKNGHnE-oHuKJAkGRTV0duXU1n61FPdZ8tKzESSVb6Q9x2AVfj1UElYJHO2atHzWUzm65Sr_jR7XG4MJJM5IBh2V-phsh9inV6LXQBzxix4mPKzZ-ZI5iT3A8HDf0AnwbxBJGGVweByIhT1lXP7Uln-th_0LsJxtxLI8rs_xyOWnxqvfq_Jaicn18PqJc-6KJzY9JA6aAsS1Sx5QL2OjviezfZcIE7BXInX2BqWKC701gLkmycHdkN8ZlItdf45khz9ag8azKZfTQOLGO1DBrAWI9BbBVnvQrGt_G9TEt4bWeWmjOA4n5EIpZGFaiScSanJNlM3Qj1AjfHl7c_Sc96ETGrP_ocFRd_F3pnNiQARP76rfLoIPnFbl8HRwFSKtXlz2k_ZGkrj4iieG9e8tno-VtfRv-sJzFXrEP5NPBbS_splEMLqiZOManXH5O6YuF-d3mTfawsjroTVzmuoD013H5dUcx-89I8mhUlEbZBL-d5eYcj1YrIujFxVqEjPVowt5TohQiahVqirudtqtD6gatAIISIntKY8MR0eYfRyFfTwm97jBDCSZhZZYd86Sgc4goLEIH-SvINwwdpM9mBCR4aDhX4AdZ-2jDoCmyuKIiOfpAXVMSmiLnQUMFULK7d314i6-g8LFSUJT4x92vhh5nTTDJBGK36HOFgTxscQgVE82J1rUQKktcG_xwOihMxrZt5VLc5saQjOxFwdmCgO0OZRykKsXFpnHP8SWsNRn_ug4FdLw1HiLOt52Sn4KEdkU1FibNrJlzjHidpjyTROvsHZMaWlxj898J12dRehouETpaSgt4l9py7Z0vCmtwnvubRs7rHN3pj1xEDKvuZIDAtHJsqCbRQztvYR-CXx87jpKHNB47xHgA1Kx9lgYp4DjJR-AUSYErYVZAPCy4l7_9zeUgtVT5ZyLFjsyBElwzp0-4tsNtLQB0LbqgRO5m2ieTdJAuLZ81exBN8JneWglM10ZX2A1b7auxYqSo_InQvBGtO5MHqhqR_QPREn4zxBS2yUkXoygd6RaObGGD4JqQqr8VDaII8PL5XDKGEwtlaf2z8KR7vdw7Mw6b8I6n-4v01lQQuU9Pkywsxdc9NilVmGykCCIU1pwTTa34sLSZQBmzFx2zVTZXdnmIwvu2eU_YsATM-P7DMRwddKow_HX7QIQTY7jQoGSEjtatbVyJv6FwiRfzPc_8HBnbc1uqPmWpjDFWI-EI--iQTq3rTnuoKFkl0o6VmK5FVNYhs94h_yVqyT0JKy2kIkzcAw9rhafcAwzp6etV9bGbmXONgtwYPdms4fBwuYpq9460efrLazlhmhtGX7v2NQw3R6_S80qAtKn-mp6otySxeZj8p0smJS6nr5vZHapmlvf9fFIGlvzEkTEbQ5lK74fHywIbMaenXkDtXf7P9JeeUHGd_5TJDvP11C1plhQlbT_voaztLeedlZ48PG9RG3QD3HGSjFYQF2adceJaYTMluB55qZQpZAzcY9LLOB6mW3o6IYOVNQU4BHyEaYw8W4UPYxvrcexQG5ZgT4npxD6EPHScioJPXN1GeeNECdUH09Kelc9j7otAJfoGyj9DYE_xs_cOCcpePKW_EdwshsN7OUO2D1PMNy7h9hNJ2Y7ypGAymMk-Kp6vzCRWwnRb9feDrSkswA08CY9FLA8AEky_SguxlfDVjiM8AnX7FoYn8v-__BwU863bNBsNR2ktH8rPqnBfiGUV4YmnUSwUC-Hb1paRZIiSlUZhZUk6q67tnLdMZ84FeB-FfVkG1wlt12HveDGd9QH6rOh0TYiqWFFEw&cid=CAASFeRoj420wpByz_RFB-4bwZvgT5gZvw&rfl=1%2Chttps%253A%252F%252Fprojectunderstood.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 14:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Dec 2022 14:56:46 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D425 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81059
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D425 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78636
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8260 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 28 Dec 2021 14:56:46 GMT
expires: Wed, 28 Dec 2022 14:56:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 135604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8260 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 23:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 23:03:24 GMT

GET
H/1.1 200
OK viewability Show response
hal900023.redintelligence.net/ Frame CDF5 0
150 B 34ms
12ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900023.redintelligence.net/viewability?s=77805400025506903912182011824023&a=1921c7d7&vb=m
Requested by: Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/request_content.php?s=77805400025506903912182011824023&a=b0d5eb9b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 04:36:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame A8ED
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/902386/59097919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fc...
https://www.googletagservices.com/dcm/dcmads.js

9 KB
4 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 03:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 30 Dec 2021 04:38:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:50 GMT
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 791B 80 KB
21 KB 52ms
9ms Script
application/javascript 2600:9000:21f3:8600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 3090932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: sG8LjZhpfxKgVYbzxyI8wlprKwXDnQmFsoiEHmJdarKcO4ospij13g==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 506ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEui3,pingTime:-3,time:37,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 504ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEui5,pingTime:-6,time:39,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:projectunderstood.com*&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame CDF5 33 KB
16 KB 68ms
17ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51954937;click=https%3A%2F%2Fhal900023.redintelligence.net%2Fc%2Fpfs909vgiwa2b8u%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 31 Dec 2021 08:20:55 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 9E68 189 KB
54 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9E68 13 KB
5 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9E68 89 KB
28 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9E68 5 KB
2 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 9E68 40 KB
13 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9E68 3 KB
579 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 04:09:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9E68 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81059
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9E68 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78636
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9E68 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTrUARUa_6j5Ge2wqNBJtqzfDjRA1tjVUL08EGKHojrWWTJjQFR_Lw6kDNXGmch14Lf6PBcJanAQ1qsM7McJeQSGN4bg
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9E68 0
0 28ms
27ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CglfwYjfNYZLfJZvL7_UPrvS-uArGsvHpYtjLh_O2DsPf_vWVDxABIIbhhSpguwagAcixqc0DyAEJ4AIAqAMByAMKqgSJAk_Qbvzj6euQMa9VAVtlkjclyR5PSv2sB3t9MQl6G_mIkzvT78vLtPyNfpwmWlqxrF3eIESeYz11hGHq4RV_O2xfz8CQdDntBn-zMj90G71UU20kilZRPuvBW5sMjsOTs2xhmP8jZoXWVAqJxkaPyGHO9zYoaASz3hszn7lGze34Yd6-1mQ9j-uefCG4s6CcRi0zZQNcNqziJ51mVKjzpdy6qFI1vFjaywWx0UcpWFGiuTLGf01H3-Q3ZGoAiVURr5_hd_bRH-l2zF_j_QE90xYcyDLdNxu7yqUKQoZg8XCp32cyAxHQ0Wx0KMx1YKUbByZmiQtMwhhhjEam6bLY5Hgm1bmjqvIfi7bABLLUoMiKAuAEAZIFBAgEGAGSBQQIBRgEoAYugAfk6uI1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrrEd0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDNAVAYAXAbIXHgocCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4GP6rHQ&sigh=XtL6A-kiFDs&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 474ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEuiA,pingTime:-2,time:70,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:22,mdZ:183,beA:189,beZ:190,mfA:191,cmA:192,inA:193,inZ:196,prA:196,prZ:199,si:204,poA:204,poZ:220,cmZ:220,mfZ:220,loA:228,loZ:230,ltA:259,ltZ:259%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:54,readyFired:false%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 7B19 189 KB
54 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7B19 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7B19 89 KB
28 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7B19 5 KB
2 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7B19 40 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7B19 3 KB
579 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 04:05:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:50 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B19 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81059
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7B19 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78636
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7B19 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxtJY3HK8sq43xIx2fPfZUHLg8lPXOx4UgW8d6NIw9dPsfqWE5o1DyVQhiQ-tmnTjx7ty3GfkIELVP_nphii8Q2tckgA
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7B19 0
0 23ms
23ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCLJjYjfNYaCAJ8eM7_UPnNyZuAPd5ZW2Z9qk-LO1D-iqtpWLAxABIKqAwyJguwagAeW1x8sDyAEBqQIt5nWj4Ll9PuACAKgDAaoEhQJP0OX0KmBPQzdORmOldtuDJDNh9mtAbK-aoJxQu3GRfS9WNKR6dtfUzw-TWq_f30TQ96G98ozghtb-h03AIrwRFrudDXdLZ96oqOXI-mFZrKKbmYGS0MyYVQMXMqFbEXTVjRV2nzooRB8CKET0igrs9GvLkf9yuDKH34DmJ-iHQl-dRqGqQDZEB9o6Ux4kiYNzRXwVA_ikKFSFzaMNqcVkQu5RN2QxtpI3GLZ7Er8jGCFaCHkP8HeQS_jWevYNcY_i3jxOlXK3UkuRl207ciRhTl7LjweMcpDqXbgtJ0SNzkW6Cblk02wVQuiy9hTZIFrVH0BpXxvXynH_JQKov14Jx_297aHABJjGw4zrA-AEAZIFBAgEGAGSBQQIBRgEgAeDyrg0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQnM8O0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsB2BMNiBQD0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=4Zf6YQisHnA&uach_m=[UACH]&template_id=5001&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2725279364034001102/ Frame 9E68 25 KB
25 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2725279364034001102/downsize_200k_v1?w=600&h=314

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

651197ee85a144be69d79b123a524fd4cffa117d3e53ff5484bc8fef02072987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:46:44 GMT
x-content-type-options: nosniff
age: 60606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25091
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 14:22:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 11:46:44 GMT

GET
DATA 200
OK truncated
/ Frame 9E68 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9E68 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92471e34d41c4c2deeaa5156fa09353423849a030b3f624b9a5757c6daad68ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9E68 21 KB
21 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:56:24 GMT
x-content-type-options: nosniff
age: 150026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 10:56:24 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9E68 21 KB
21 KB 24ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 116961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:07:29 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame A8ED 41 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/902386/59097919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:173b4baf-54c4-d7a2-b141-1c085c3aad7b,c:yfEuhG,sl:outOfView,em:true,fr:false,thd:1,mn:app11ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:1b378908-692a-11ec-866f-024bf4a6d028,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 12:47:33 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15171244646163757592/ Frame 7B19 7 KB
7 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15171244646163757592/downsize_200k_v1?w=100&h=100

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b644c96a382cf57150c919ff144841600c7c4fbefa68e5368a4ed001a7a50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:39:00 GMT
x-content-type-options: nosniff
age: 356270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 08:26:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Dec 2022 01:39:00 GMT

GET
DATA 200
OK truncated
/ Frame 7B19 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d480e8a7a9d951e5d2c82ac84e28683c4d1b138a8bb87a347e8e9572ec8ffc24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 7B19 21 KB
21 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 10:56:24 GMT
x-content-type-options: nosniff
age: 150026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 10:56:24 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 7B19 21 KB
21 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 116961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:07:29 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame CDF5 4 KB
3 KB 17ms
17ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=51954937;click=https%3A%2F%2Fhal900023.redintelligence.net%2Fc%2Fpfs909vgiwa2b8u%3Ftprde%3D;js=1;adfxid=1x;4258;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fprojectunderstood.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2f06e764b2fa08c6c80eeaf88765ad910944ac3c06462373278d3a9606414efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2063
expires: -1

GET
H2 200 B26880508.322832697;dc_ver=81.236;dc_eid=40004000;sz=300x600;u_sd=1;gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw... Show response
ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/ Frame A8ED 65 KB
25 KB 99ms
50ms Script
text/javascript 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/B26880508.322832697;dc_ver=81.236;dc_eid=40004000;sz=300x600;u_sd=1;gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA;gdpr=1;dc_adk=3047537733;ord=u2ufvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBXLmYjfNYYOaFYWg7_UPu9enmAro2dbyZvfE8fGJD6_m9P0IEAEgqoDDImC7BqABk9-izgHIAQmpArJ0W32RpLY-qAMBqgSHAk_QvQFLpWyVReaWaYnJpc3Q0VmCiTcE6vwz8XDRVvByHYtaRMNsMLqC7J3LN8gkeiR9FYtr3qpmOKTWS9oY315CgMEwyiBnAeVZN6ZtV7bp_69_KrkCehySzF8U3t_lGJ57AW6-RtUYBKl8-ruQxTgH04d2HNyKu2NjRbs9u_DAPgkOhDANbGRuFknSVEH3927Ojc7AHxPulIKddz3Lyd_a1_-kOmi0xMsGuNyIpedo9UpbujymfcAmV2-F6qXS0FaLar-AKyTUV9TSWoLhkmt-3UJ5C_UEuPtis87FcUQzfX6uCzbWL3SRQSsn23wADId2I5pzIMesPGl22bIG08JaaaNGfx6PwATOtYWayAPgBAOQBgGgBk2AB9Wg3bECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPN_MYN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoj420wpByz_RFB-4bwZvgT5gZvw%26sig%3DAOD64_2SE-fqSFuMnC9f3wPGwyjEplW7lQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bup5EsZ6Dk65hRLB3weUFYH6R3SlX9ImbCyrcTunALEcK0CIqTL0BZod_0dEzDRmswWi6oXNJmqBmdCqYucKRrcotI3QdLHMSJ5KnG7oMSfDwtYa0R3WmZBm3MvzvTjqGK0Xgs8pGLe-B53t6rnN4dBeojfA%26cry%3D1%26dbm_d%3DAKAmf-BBBdfnLgzP0LOdcOYqATS3-mTp2JRc6w0YePbv7o1UoD-9zaIOG6yw5SZX0UtfY_ADFtdqM_1H5jKTPTnzg6ducJtO8nbYFulw-fNLxo5iym5vYWOzWE0rYzyGIh1AugNl2wVOW7ekOFu2iMdUu0xzkCENak-k0l1EJKAYBuc3xhvkDww8b83kSr-m5SO4FkuAs6HsMB8lwLW85WJCsomzhClEDdAi7pmrvRQhN1FqdKqcZ52SA5W7vUlQS4DU4aEXhJT1hgahU5aH1OXZCnf_piuAYiiccQ9PXmKIIrbExALSVUPVFkIGpVIqHHail1pew6ivXMZ1TZG4DCmsl6yCVl5hs_7XdlckQ2ljeytaKKO7k2jWaNAxgxeS0B_Fv0i9ZO5bq-GmOTaars116MfEhg6g0kkJYrBb4U2wSJqynfEZI21oDgY1M7dhiC8lm0lXyMXSI91Ghi0Vph4SZTd9gMTPWQ%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fprojectunderstood.com%2F$0;xdt=1;crlt=TAKeC*wrJg;gcsr=m;sttr=71;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

3f6c9b05c2a7f4ea54a06138f254c3ce304a50114802594c252e1c829d4ebfbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9E68 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81060
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9E68 344 B
374 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78637
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7B19
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

45ms
31ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Thu, 30 Dec 2021 04:36:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CDF5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
216 B 274ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEulN,time:269,type:e,im:%7Bimprf:%7Bttecl:284,ecd:8,tsecr:36%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:269,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B264~0%5D,as:%5B264~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8260 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRn4VYjfNYdjzLMaKjuwPp4Cf-A8AAAAAOAHgBAI&bg=!8fKl8rbNAAZKWFskSlg7ACkAdvg8WusVlf8V8OAx1JCgzmXgHPDi8qalBA-ZlNOlLRSdAgMbmfPSgwIAAAC7UgAAABBoAQeZAvUIM5DigwEy4fOoBDZoOAII-YEVxTYwkxk9cVQdng9BVnDQ90uu7m8kY3vxT4_uwQBV2pW0Hk-yq8AjeRQf4pUP1di3khXWHOHOZS1TbmaURINm_Fhi5gh1x6xrHyLxR2adrNnMDA7DBeMfJTpQ6vEAOPwsexSIzp2_LrpFJSgT3idRSE0l9-2hdyceZckrs8pAlWf3vFL0vp-_CnER1HA4x3lT2oZ3nmPhjyKkAWWHJHltWFRSqLejWoXEehaUUFAXNGiBBmt25biCCbBmrrctKw4aKaOy1WdL8MJVEAYUrKHgGWtfYIlKKiar7syGgsKE_Bmp_mP8NezGnruY_brgMQvMihf7B0MW6H5V0VfhkU7hmrOYpYC_UsJ70UA6wdSS5fgDzz-R1qLe6BAdTxkK0xJK1YNYsldESqg2MChpY4QmImBSsXSCdnOFTOaYOpCsz_eckaLBXc8omECil7ILQD5i0yVBBn0iKuM9XMit4HdPIZjQaR8ugyhmBNUKvmVEH4c_vWwmEPKVSWy7i2BMpZgYbbORSTKP3ybA6wf6avYe5BoeMxGb0NZa8iStEUiQ1qEiokT-uA3pijFpTbv6AadX91XL73FoShKgZSK5D147QyZnydoooWIfoge-cz7D3oU4PwnaEcEWS2bfkvFOyD68i7YA0jyoOOX8lMZ0AkkCgCie9NDkPpjgn8lcUl1HH2Sy4Ir1O9q4wNozt_mFlGGUpctNIibHZfj-dxbCbOtkActvTy-n_sDXbBxsDqm4ay-ovo3PLrwQYc5BN7QtazhEY4Ida7uF9GtlsV_wkA6H4iJhcIBnA6z04r71qehmpKMJg5FbrmXJ6iovJAx0pbiSMzYkNu5Xt1A9dcFskPL7a5_VeMvK41Yl0PPqZDbtbL5XCrWVVYf8503koidkdTKVAH2pNlKH-GAA2Vl7qmnfIWdfwoanDXw9TOOjaHt5Wl4KB21ELl_YaQdvBxBpePHBagMPpF3SBUfttzaiW0QmjaEy

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame CDF5 90 KB
39 KB 23ms
22ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 31 Dec 2021 08:21:23 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A8ED 106 KB
38 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
Origin: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 14:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Dec 2021 14:56:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame A8ED 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/B26880508.322832697;dc_ver=81.236;dc_eid=40004000;sz=300x600;u_sd=1;gdpr_consent=CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA;gdpr=1;dc_adk=3047537733;ord=u2ufvz;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBXLmYjfNYYOaFYWg7_UPu9enmAro2dbyZvfE8fGJD6_m9P0IEAEgqoDDImC7BqABk9-izgHIAQmpArJ0W32RpLY-qAMBqgSHAk_QvQFLpWyVReaWaYnJpc3Q0VmCiTcE6vwz8XDRVvByHYtaRMNsMLqC7J3LN8gkeiR9FYtr3qpmOKTWS9oY315CgMEwyiBnAeVZN6ZtV7bp_69_KrkCehySzF8U3t_lGJ57AW6-RtUYBKl8-ruQxTgH04d2HNyKu2NjRbs9u_DAPgkOhDANbGRuFknSVEH3927Ojc7AHxPulIKddz3Lyd_a1_-kOmi0xMsGuNyIpedo9UpbujymfcAmV2-F6qXS0FaLar-AKyTUV9TSWoLhkmt-3UJ5C_UEuPtis87FcUQzfX6uCzbWL3SRQSsn23wADId2I5pzIMesPGl22bIG08JaaaNGfx6PwATOtYWayAPgBAOQBgGgBk2AB9Wg3bECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDmAsByAsBgAwBsBPN_MYN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoj420wpByz_RFB-4bwZvgT5gZvw%26sig%3DAOD64_2SE-fqSFuMnC9f3wPGwyjEplW7lQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-Bup5EsZ6Dk65hRLB3weUFYH6R3SlX9ImbCyrcTunALEcK0CIqTL0BZod_0dEzDRmswWi6oXNJmqBmdCqYucKRrcotI3QdLHMSJ5KnG7oMSfDwtYa0R3WmZBm3MvzvTjqGK0Xgs8pGLe-B53t6rnN4dBeojfA%26cry%3D1%26dbm_d%3DAKAmf-BBBdfnLgzP0LOdcOYqATS3-mTp2JRc6w0YePbv7o1UoD-9zaIOG6yw5SZX0UtfY_ADFtdqM_1H5jKTPTnzg6ducJtO8nbYFulw-fNLxo5iym5vYWOzWE0rYzyGIh1AugNl2wVOW7ekOFu2iMdUu0xzkCENak-k0l1EJKAYBuc3xhvkDww8b83kSr-m5SO4FkuAs6HsMB8lwLW85WJCsomzhClEDdAi7pmrvRQhN1FqdKqcZ52SA5W7vUlQS4DU4aEXhJT1hgahU5aH1OXZCnf_piuAYiiccQ9PXmKIIrbExALSVUPVFkIGpVIqHHail1pew6ivXMZ1TZG4DCmsl6yCVl5hs_7XdlckQ2ljeytaKKO7k2jWaNAxgxeS0B_Fv0i9ZO5bq-GmOTaars116MfEhg6g0kkJYrBb4U2wSJqynfEZI21oDgY1M7dhiC8lm0lXyMXSI91Ghi0Vph4SZTd9gMTPWQ%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fprojectunderstood.com%2F$0;xdt=1;crlt=TAKeC*wrJg;gcsr=m;sttr=71;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 04:29:51 GMT

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame A8ED 187 KB
60 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:8600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/653659/59025458/skeleton.js?ias_dspID=64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:19 GMT
content-encoding: gzip
age: 1680633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: mx7QiQzLsdouwq3jsUi_oT7WMRXYsfmTNqP8AcvD2o9iN_SRVIGX0Q==

GET
DATA 200
OK truncated
/ Frame A8ED 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f7a4d8a0b2936be3d4e6611af26d28bf31271d00fc4027ab251c6f8629fabaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 607D 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 28 Dec 2021 14:56:46 GMT
expires: Wed, 28 Dec 2022 14:56:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 135605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame EAD2 189 KB
54 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame EAD2 13 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame EAD2 89 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame EAD2 5 KB
2 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame EAD2 40 KB
13 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 135619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Dec 2022 14:56:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EAD2 6 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 04:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 04:36:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 04:36:51 GMT

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAD2 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81060
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAD2 344 B
374 B 10ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78637
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAD2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLuTU3q9G6fd5PEB8BGPRtGj9-mVIylLtxsGQrOu3ZUJwKu10L_JmWVWf14sCO1tXsjbhVE93Yt9s-QxP-sUwHPmGzVQ
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EAD2 0
0 30ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyUTiYjfNYe-oNpiE7_UPmY-jqAjO9b3DZsOb97yoDsiV-cOLDhABIKqAwyJguwagAej84YcDyAEJqQKDMUanYQuzPuACAKgDAcgDCqoEhQJP0FUMcpwd_QEug1X8Mw-I_ZcLcAjaWZwKSl-qDGe8H1WYnNUXErwazP_Qo5qUfkw6Uym_feqImLEfnEk87YYbJW4TkVh8pFiaf9XnA2-BpQJw-gTS_bdrDk8b7kYXEmixOlp12Kamo7ptCb1OHscZpjvoLnu7_VRDBeobq823xlnMEyl_cpJqfm5XHKH7KFH1uGv2WkbM_8LUGMLJwmj_p6Lm4R_dofa8GHOPC7rwccSLsQTCUK5pNT_dxFidSXRFTDZSvn2pZn1pAjp_D7aX_xN5HIj1YrrS5RrylQrabg1rEKt38UOuvygqpsUZ6OSrx5d7k94DPAO_tqiTIfGwrWPigRzABOv9zMrZA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeAg554qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ7cUL0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsB2BMNiBQB0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=3oXbWbPBxwg&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/csimpr/ Frame CDF5 35 B
478 B 17ms
17ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51954937&csi=JD0Nt3YPiz9dXZZCpeQ1cTFQ56IYrWXaiF6BsHMqAfnrygPkIxxfkzPT8YeQ6USwa563arijx6UnK8-fVFs-4d6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900023.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900023.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13626248243869552424/ Frame EAD2 20 KB
20 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13626248243869552424/downsize_200k_v1?w=600&h=314

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aa4a78234558a92f1bd40835b3f0d14f392e4573f4162b1880b603459b69a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 07:27:48 GMT
x-content-type-options: nosniff
age: 508143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20780
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 13:30:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Dec 2022 07:27:48 GMT

GET
DATA 200
OK truncated
/ Frame EAD2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b12a15c68e40bffae787995707cc012ce53b1080cd4296814adb06fdf887fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EAD2 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 116936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EAD2 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 62054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 11:22:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EAD2 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://projectunderstood.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 96165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 01:54:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/ Frame A0D3 10 KB
2 KB 22ms
8ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59c224727c887c8a437e9084075db7f40be745ecdb9151d0dd4520ec61048af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2162
date: Thu, 23 Dec 2021 15:10:25 GMT
expires: Fri, 23 Dec 2022 15:10:25 GMT
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 566786
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A8ED 0
524 B 77ms
43ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstikgBPzmmMAryg0QbyB0nlslNZ7mdl6tprHJzGoRrPi2_QlxGV2zEBBaMBzBSMx2MJgFd3eiwAlVnAvuLF0oNemUuVGdzbYHXwgiCdbUODBwshEnHZzzVdp30q6rFgcio7dwMkaQt0rKFNC8ssJUJJFgegkFMdmjwnTQODqB0OYAYMs6nn74Y8AnpfDS_KEw&sai=AMfl-YTTBqrdp1EXYdYboJnaJGGop0E3Ez0MQnQwetnfpLeH0O5e7g&sig=Cg0ArKJSzCXXOK4VUoXoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=139&cisv=r20211207.29563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 10676334.js Show response
s1.adform.net/Banners/Elements/Files/169192/10676334/ Frame A5B9 7 KB
2 KB 16ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/10676334.js?ADFassetID=10676334&bv=516

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

384e7d6ba5584aa7a47ae22eecedf964719d6541f0c09d1d765c8e1b331f1d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: W/"61b9aca0-1acb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 225ms
225ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEup1,pingTime:-10,time:469,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1640839011319%7C%7C99934c9ac1c3ae18c6b1c1fd7135f0af%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C6f295601ac49e065fecb4451d9b7e2f9%7C%7Ccf22e2eb454b23a7d70e8bbd0f8409c3%7C%7Ca7176916ecd6ad8da2d6a7d3a070a060%7C%7C5e5bdbd208301e644abdcbe0b34a96f8%7C%7Cb240745ca713dd4fc67960c327be5938%7C%7C1629390669%7D
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame A8ED
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/653659/59025458/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

7ms
7ms

Script
application/javascript

2600:9000:21f3:8600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:21f3:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
age: 15192055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: kCq5H2_v2W-K4ZLseYyODnsHlb-IWIRJMawFzfk72848tLeIOpCWOw==

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 8D10 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:8600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 3090933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: ylYzKcJd1wQZ8dfBAeDkBUw7kjpCEKFvh4qKjN3Y_zL2oylFZ0hlkg==

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 25F9 80 KB
21 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:8600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 3090933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: oegsw2UuXiswZxFRTs6Nf5-0RCVIAw_Mr3c-_MBPZ5M6mF1WDGHiKw==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame A8ED 43 B
216 B 37ms
37ms Image
image/gif 54.171.159.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=18517273&campId=47474520&pubId=1&chanId=1184590230446&placementId=397097222&dealId=&adsafe_par&impId=ABAjH0h9z9S1JGdzRAKyOXlhasdi&bidurl=https://projectunderstood.com/&adsafe_url=https%3A%2F%2Fprojectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Febfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6af48044-f223-dc5d-33da-eab844f372cd,c:yfEupZ,sl:na,em:true,fr:false,thd:1,mn:app22ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:219,fm:sT33gVd+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:224,oid:1b36ed5b-692a-11ec-bca6-06da572054ee,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.159.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 ms.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAD2 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ms.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:05:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81060
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:05:51 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAD2 344 B
374 B 7ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Dec 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 78637
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 30 Dec 2021 06:46:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEuqR,pingTime:-2.1,time:583,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:583,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B578~0%5D,as:%5B578~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C17.653659-59025458%7C171%7C172,idMap:17.28599334-6963-d251-e015-0cd417415093.76_653659-59025458%7C17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:54,readyFired:false%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 160ms
160ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuqU,pingTime:-3,time:283,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:208%7D,%7Bpiv:100,vs:i,t:282%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:284,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 162ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuqV,pingTime:-6,time:284,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:284,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:projectunderstood.com*&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 162ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEuqY,pingTime:-2.2,time:590,type:a,im:%7Bpci:%7Btdr:580%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:590,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B585~0%5D,as:%5B585~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C17.653659-59025458%7C17.10933%7C171%7C172,idMap:17.28599334-6963-d251-e015-0cd417415093.76_653659-59025458%7C17.6af48044-f223-dc5d-33da-eab844f372cd.64_10933%7C17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:54,readyFired:false%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 163ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEur0,pingTime:0,time:287,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:287,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 162ms
162ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEur1,pingTime:-3,time:288,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:288,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 165ms
165ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEur2,pingTime:-6,time:289,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:289,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sT33gVb+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:projectunderstood.com*&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame A5B9 30 KB
13 KB 23ms
22ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo1_linie.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 2 KB
2 KB 24ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/logo1_linie.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

50604a203baaf1edd1b3d350c630499075965d87e6d6887728bab43b100b3713

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-668"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1640

GET
H2 200 logo1.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 4 KB
4 KB 24ms
22ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/logo1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1b4a069b868106f39da94ddf6d6d2c8304b0110a70b97e5c747d30d43038b3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:43 GMT
server: nginx
etag: "61b9ac9f-f40"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3904

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 59 KB
60 KB 27ms
24ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/bg.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e525bd4641ab0e6fd6593456a6e703a0baaf52c8a75aec67bcc8beb5c1c0bd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:43 GMT
server: nginx
etag: "61b9ac9f-ed74"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 60788

GET
H2 200 seite.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 2 KB
2 KB 39ms
37ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/seite.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f6ca36e348cc4c90e5abf129cad38b20193a993c9a8daaa5e8b510cc11f36ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-668"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1640

GET
H2 200 motiv.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 45 KB
45 KB 39ms
37ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/motiv.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d56acbba6e57097f72d8d898cbe780e5401dc37c862e5f1ea44726ab4a574f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-b40e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 46094

GET
H2 200 txt1.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 7 KB
7 KB 48ms
46ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/txt1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8b3c11ab83c56b6ea2ce8e5e5973bc68bc5d11e629791a3bedd95a238562f5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-1aa2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6818

GET
H2 200 sto.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 4 KB
4 KB 49ms
47ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/sto.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6e23aceca491d965f7ea205d1eb1bf44248ac4d9ce69de9388ccbd52a3e94596

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-1076"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4214

GET
H2 200 legal.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 4 KB
4 KB 49ms
47ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/legal.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b04b6b938994305f5d27fbb8b693efec927dd292d98e9368f9b59cbe913b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:43 GMT
server: nginx
etag: "61b9ac9f-ecb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3787

GET
H2 200 logo2.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 3 KB
3 KB 49ms
47ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/logo2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1d8950354c3360f08bd8bc248df681cb1ec562e2367d8c13d7c159ab6088be19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:43 GMT
server: nginx
etag: "61b9ac9f-c0e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3086

GET
H2 200 txt2.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 3 KB
3 KB 49ms
48ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/txt2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

32b91cd97069c9017b09cb2e496693a2e752c593307e93fe4a64ac103a3b5c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-a0b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2571

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/ Frame A5B9 3 KB
3 KB 49ms
48ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10676334/bvpath_516/images/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

89cc9eb7c45ed29f225e731ffa3716fa0fd9999db19348f5fedac6f70c63fa70

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900023.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 04:36:51 GMT
last-modified: Wed, 15 Dec 2021 08:51:44 GMT
server: nginx
etag: "61b9aca0-b21"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2849

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 607D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 07:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 07:39:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEurc,pingTime:-2,time:301,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:22,bdZ:157,beA:493,beZ:494,mfA:689,cmA:690,inA:690,inZ:693,prA:693,prZ:696,si:701,poA:702,poZ:713,cmZ:713,mfZ:713,loA:777,loZ:778,ltA:793,ltZ:793%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:208%7D,%7Bpiv:100,vs:i,t:282%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:301,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17.6af48044-f223-dc5d-33da-eab844f372cd.65_10933%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:92,readyFired:true%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 164ms
164ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEurd,pingTime:-2,time:300,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:495,beZ:495,mfA:713,cmA:713,inA:713,inZ:714,prA:714,prZ:716,si:719,poA:719,poZ:726,cmZ:726,mfZ:726,loA:783,loZ:784,ltA:794,ltZ:794,idA:726,idZ:764%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:300,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B13~100%5D,as:%5B13~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17.of121,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:76,readyFired:true%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 bannerify.css
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/ Frame A0D3 18 KB
2 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/bannerify.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1138f085600d0da00dd115276aa9fca108f66749603e4268bb5be9d61e1dee59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 13:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1852
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 13:29:35 GMT

GET
H3 200 71472296.jpg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 134 KB
134 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472296.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05cefa2098377acdfde526e3d6e161ed9db3ddbaa6ab9621f420e55c0621cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 21:21:14 GMT
x-content-type-options: nosniff
age: 371737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137274
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 21:21:14 GMT

GET
H3 200 71472297.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 4 KB
2 KB 11ms
7ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472297.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

422100009d7e801c8cbf1985cd5e6068c8ee913c65623bb65e1d38bd97f84401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2134
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472308.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 6 KB
2 KB 11ms
7ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472308.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5dbba8c62685f269db9d9f8b5cc8bb94552e87d0c083a813e91907948c6a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 20:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1690
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 20:51:47 GMT

GET
H3 200 71472309.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 736 KB
736 KB 19ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472309.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cbdd4045f751c2928b4a6aa28ac1363b5655051bc8db7bb8ea9530ef36bf6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 13:29:35 GMT
x-content-type-options: nosniff
age: 400036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 753362
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 13:29:35 GMT

GET
H3 200 71472310.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 533 KB
533 KB 20ms
16ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472310.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97121b76b294d817dbe189f2d76f95af53742046a1c6930d1a15814d71f2d561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 545974
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472313.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 365 KB
365 KB 15ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472313.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e49a6ce5184d8df4481009f34f8fc0132b40176df5fcd2e7610f0f8b9ddc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 373728
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472314.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 374 B
289 B 19ms
15ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472314.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91a7af5131521ee2d7445285fb33ff534e9c310cf79f175089c736b5fa1eb8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 19:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 19:11:11 GMT

GET
H3 200 71472315.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 4 KB
2 KB 18ms
14ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472315.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ee9094ce37ce387fb8c0f11c5abb6f67e5771ca9534f61fcbb4265efc66f57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 19:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2134
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 19:11:11 GMT

GET
H3 200 71472326.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 147 B
171 B 18ms
14ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472326.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278c766ff380b16bf0cef0a382be414529b78b9e538b3ea4c4079111e0de160c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 21:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 21:21:14 GMT

GET
H3 200 71472327.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 9 KB
2 KB 17ms
14ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472327.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f8ae1eebb3ab55d9c9182c02206529426b3a723d246399a78820b8df4bdfb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2333
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472328.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 282 KB
282 KB 16ms
13ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472328.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

496e148c3ddf6ca59ee0ba5f1053b4512b7328e0b263950c502f2750c394ac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288277
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472329.jpg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 134 KB
134 KB 26ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472329.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05cefa2098377acdfde526e3d6e161ed9db3ddbaa6ab9621f420e55c0621cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137274
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472330.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 495 KB
495 KB 23ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472330.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfba8168795996a76619734f7ec83f524bc8bed1fd6e42d9d35c65c70023a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:51:32 GMT
x-content-type-options: nosniff
age: 387919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 506494
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 16:51:32 GMT

GET
H3 200 71472331.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 9 KB
2 KB 32ms
28ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472331.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20edb42e53ff858d6df3888cc0809773549b0bff0ed9425c1c80acc6642cdfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 23:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2086
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 23:30:13 GMT

GET
H3 200 71472332.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 374 B
289 B 31ms
28ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472332.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

472b4ff0c315cf72e22207dd2b6bb1118ba53875cc089235b5a4e70e351cc846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 23:30:14 GMT

GET
H3 200 71472333.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 4 KB
2 KB 30ms
26ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472333.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8733cd7ca4f5b9339eb4a3f2dce0f32bec08c071fa59d12dbcaa0309db5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2135
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472344.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 4 KB
2 KB 31ms
27ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472344.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f4197c3496202f6f4269c143d961d7260c2cca25fead10e369ae528f817621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 19:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2134
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 19:11:11 GMT

GET
H3 200 71472355.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 172 B
186 B 30ms
27ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472355.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0185f8828a8ac9e48899326ee976af2d62f4d7fc9f74ae11247425a7ecd7413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 13:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 13:29:35 GMT

GET
H3 200 71472356.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 49 KB
49 KB 27ms
23ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472356.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33443236b9b4c5050d28ffaba44ae967008b7b7604609bb71767f542a02bf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 20:51:47 GMT
x-content-type-options: nosniff
age: 373504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50110
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 20:51:47 GMT

GET
H3 200 71472357.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 4 KB
2 KB 28ms
24ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472357.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97eda5de4cccaa4e39dba0c0e897a2c9a90292f7c935cb1cbc5bf449b89f8103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2153
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 16:51:32 GMT

GET
H3 200 71472370.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 22 KB
22 KB 26ms
23ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472370.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af858238e073930972d1b4eb95ad26b90dcee6308eeb4f6e56cb605bd115bc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 10:08:45 GMT
x-content-type-options: nosniff
age: 412086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22951
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 10:08:45 GMT

GET
H3 200 71472375.png
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 174 KB
174 KB 21ms
18ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472375.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ae5b7b94cdce7ec37f0ceaf0ec5711219153cf735f49ec46355a02b684cf8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 20:51:47 GMT
x-content-type-options: nosniff
age: 373504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178039
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Dec 2022 20:51:47 GMT

GET
H3 200 71472376.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 8 KB
2 KB 28ms
25ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472376.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e2c92e2dabc6ecff2f5d5d2b63349c09103fd5049e3e335a25ede8d5679984d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2345
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 71472377.svg
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/ Frame A0D3 2 KB
867 B 28ms
25ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/images/71472377.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3cc3be91b52f43c545618e3e3978b625f5d6df25a0c1d73cae5baa8c29a84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 838
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

GET
H3 200 bannerify.js Show response
s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/ Frame A0D3 2 KB
673 B 16ms
16ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/bannerify.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbca9befb7fad8992b0771d1748ab3c489d7040c319f4988595ce5180d3065f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1315617405826892766/MC-2877%20Avast%20One%20%20-%20Award%20Display%20Banner%201%20-%20300x600px_UK/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 15:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 644
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 16:40:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 15:10:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A8ED 0
23 B 57ms
43ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstikgBPzmmMAryg0QbyB0nlslNZ7mdl6tprHJzGoRrPi2_QlxGV2zEBBaMBzBSMx2MJgFd3eiwAlVnAvuLF0oNemUuVGdzbYHXwgiCdbUODBwshEnHZzzVdp30q6rFgcio7dwMkaQt0rKFNC8ssJUJJFgegkFMdmjwnTQODqB0OYAYMs6nn74Y8AnpfDS_KEw&sai=AMfl-YTTBqrdp1EXYdYboJnaJGGop0E3Ez0MQnQwetnfpLeH0O5e7g&sig=Cg0ArKJSzCXXOK4VUoXoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=429&vt=11&dtpt=288&dett=3&cstd=139&cisv=r20211207.29563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: projectunderstood.com
URL: https://projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 30 Dec 2021 04:36:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuu3,time:478,type:e,im:%7Bimprf:%7Bttecl:789,ecd:8,tsecr:15%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:478,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B196~100%5D,as:%5B196~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:164,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17.6af48044-f223-dc5d-33da-eab844f372cd.65_10933%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 607D 0
20 B 23ms
23ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjlSAYzfNYb3JBtmD7gOB5oHABgAAAAA4AeAEAg&bg=!JiWlJWHNAAZKWFskSlg7ACkAdvg8WiyHSXgk5jcADbW8DQuDNhBkfOdpmitcn4rLdTpYVX7n-GPCbQIAAACcUgAAABdoAQcKAHzvlRCCysab3iy9RN-9ocgP2WrlmOtTbEMS_Pfc8h3xnSqR7ZDkA4rGhgRY87ZYWByGFe-BDDZlNAPPwEaWnTKQL9NlUFXwosqPaOI_5ND1k34r5MHY9ubP84DRg05Vw4z9-56anWOwAPFGns6UH1b6azRjUa3ITPE6x89RmQMQQsMOYppvYQoE442p3zqkXa_T4Qe0kNj3Tho_YujLuBnNmkEwrPS_oce4tY7mwnWLaYeIzGtVwg7YHY30angXy3HrGm999k3EmaNgjuxiS7zP1C0yL-cYJo8oT06u97b-nfH4CWO93f1wD-v-GReqlRdwnXVInZE-o1CdV0R8YZJiOxFKeWd-i9aCL_NE2eAoCIcohcHsdyKD6eHaMu99vzcAO6bcLJfhfmDRwhl00hZWMxCyUcQmWaR4k8rKoYyxTDfL_k-CAaKEoV1PPoLcZ9KLXSNu4oMD_YYHSqygMQhNVEXYrnqjyF2fAYNwpqgL_iSKdmX84xe8i95-f3EDTXXvWSpSurwYn_TzmV7KmUEOg48am1pCbT-aQVujjGxA7ASmq0ScbQ2UQ0rI66RsieXcDYHezCRMM3f-oilfeApLclYzMa4x6kjISNfbRGMgAmaYbke865sh74X_BCVZZEf-TWxw2QG7Dnlg7iDRqPwPVyqYfVHvEPTeeQtgt1NDxx8BHbZGjbbxuVxsYxU8JtqrXaVs7sWi9qPHpRI0x70IRqbH3lNN7yUnluukoo2F7UvSRsRcKx9MOLGPahNrAqUb04Y-x8moZgZDsHx9j6AMiFF9wuBUx2rjEXToMZgjB34ccVDcJmG9ozROTta-WpCTAsA3pn5_pE_vIZDKJtp_CsOxTSYuFBNCtpCL0F7g6-Od2XtiKSfr2SHz0bK4R9QPJfziZfn3p_45nPElXErk_U2JvNy6hssBFPOl_6pRu49B4oHiLhCpzKgJ_MJheWlLYID4v8-q-Qa52mNvEgWAA5fUX4NrFYe-dkedErk8Yeu9vsu_RtXUAJrgWl6088FIuEmoJ9wBJg3muYPrtXnK-2Ylh7WqOX89K2pCuS0mvDsMpor56C1rm4_xye28GH5fXrypFw6do6OX6lGg1DoNvln5ielT54rVDTbtryVDspT-aluKRDQ0r-xkS-soRDV3fH36N-7-XP2NXN0fi8faM9gnZE8ZL5Xv5r3YV7FXZJSqkS4wovqjz2AKx6qaUg

Requested by

Host: ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
URL: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7B19 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujkCFh5WMD78IWfOfuRSgutYvo7ITzFPdd2wd34Mo83do2OIiCv5ap7wzcZpV_dRqRbFPUeaTnHEqbUvc_0VzrGIpHtOGzLTvAPwUfhVzCZAZnzfrDug&sai=AMfl-YT-d54ishSmGedo_IDRsflzKSQywNT0fTWZ_8peoc09TVt5tkrXyUMlIg5U1aHg9KDpa0X2wuYD5b182ykjDZuThxEBtF-w93fWnoQHOAAu-pDjJb7uY82JrImV1gXh&sig=Cg0ArKJSzG58YuwtKE91EAE&id=ampim&o=315,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=53&tls=1054&g=100&h=100&tt=1054&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3976328544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A8ED 42 B
64 B 33ms
18ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6uuW5gvs_tbHdM7Q-iya2PTSWKLSDPFPHQo3yog_WIm1LkFaBozaRvp7Ka3CEAimrYBmcBIofYCNQGZhwt7Y6aKpJYIDUDKfGZ0vTU_KXVdXHvh4vZA&sai=AMfl-YSm4Srwcu7B0Q2HMXzhzwwZmIaKFkNNrdPgmGwRux-pVd8pVo-PlGQ6cwJD3adnfhSLtd3LmemFPekBX7YG1meT241DsBbYT9KnuuzvKQ0EtIEJPjExKZ-VZZ_XmOs&sig=Cg0ArKJSzGjSgmRUqxupEAE&cid=CAASFeRoj420wpByz_RFB-4bwZvgT5gZvw&id=lidar2&mcvt=1000&p=520,1012,1120,1312&mtos=875,1000,1000,1000,1000&tos=875,125,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=264302228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640839010661&rpt=506&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A8ED 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgjMdwhuTx1GUMFunkcxaym_QyWUeng3xkQCOuI53XN3ZodMZRUrd7OTywgbMIgZ4QEatYAbWt-7oS1nCPLUEFo6nx5RllNvM&sig=Cg0ArKJSzHXDjX06e06vEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3047537733&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640839010661&rpt=684&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 162ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuH2,pingTime:1,time:1283,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:208%7D,%7Bpiv:100,vs:i,t:282%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1283,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17.6af48044-f223-dc5d-33da-eab844f372cd.65_10933%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuH3,pingTime:1,time:1284,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:208%7D,%7Bpiv:100,vs:i,t:282%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1284,o:0,n:282,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:208,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~1%5D,as:%5B83~300.600%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.653659-59025458%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a,idMap:17.6af48044-f223-dc5d-33da-eab844f372cd.65_10933%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 163ms
160ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEuH9,pingTime:1,time:1288,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1288,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:177,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17.of121,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 165ms
164ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEuHa,pingTime:1,time:1289,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1289,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:177,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17.of121,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 165ms
163ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEuHa,pingTime:1,time:1289,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:224%7D,%7Bpiv:100,vs:i,t:287%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1289,o:0,n:287,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~1%5D,as:%5B68~300.600%5D%7D%7D,%7Bsl:i,t:287,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:177,fm:sT33gQi+11%7C12%7C13%7C1411%7C151%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C176%7C18%7C19%7C1a,idMap:17.28599334-6963-d251-e015-0cd417415093.78_653659-59025458%7C17.173b4baf-54c4-d7a2-b141-1c085c3aad7b.21_902386-59097919%7C17.of121,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EAD2 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYi6RdQu7qdDLIL7jax9tKFxWFOTp3e3FEjkvXxbgrm5Ka1OVhUS3D4qSZaUbIpb8G_CBCK4hWKn5mmpTUaoUvu8XNCvRFX2X5n4d38ayNVKnAoepMeA&sai=AMfl-YQ-ZRXZ14gTspYE3pApkZeb2Xg5-IAdxuiS2KTRJ1dv-X_6NrS-7XfC7GCI9JKPDnhbSDUq-QVZO85-yEFhtMKL2k_rDCOJlSOvk_YhrHB1lgiQqDXV3gpQjl0pJ5Pc&sig=Cg0ArKJSzJfF8jzc4F_tEAE&id=ampim&o=315,220&d=970,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=167&tls=1167&g=100&h=100&tt=1167&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2267234050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=653659&asId=28599334-6963-d251-e015-0cd417415093&tv=%7Bc:yfEuKE,pingTime:-10,time:1507,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1640839011319%7C%7C99934c9ac1c3ae18c6b1c1fd7135f0af%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C6f295601ac49e065fecb4451d9b7e2f9%7C%7Ccf22e2eb454b23a7d70e8bbd0f8409c3%7C%7Ca7176916ecd6ad8da2d6a7d3a070a060%7C%7C5e5bdbd208301e644abdcbe0b34a96f8%7C%7Cb240745ca713dd4fc67960c327be5938%7C%7C1629390669,sca:%7Bspg:173b4baf-54c4-d7a2-b141-1c085c3aad7b%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:52 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
160ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEuUY,pingTime:1,time:2451,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D,%7Bpiv:100,vs:i,r:,t:1449%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1445~0,0~100%5D,as:%5B1445~300.600%5D%7D%7D,%7Bsl:i,t:1449,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C17.653659-59025458%7C17.10933%7C171%7C172,idMap:17.28599334-6963-d251-e015-0cd417415093.76_653659-59025458%7C17.6af48044-f223-dc5d-33da-eab844f372cd.64_10933%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:53 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 164ms
164ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=902386&asId=173b4baf-54c4-d7a2-b141-1c085c3aad7b&tv=%7Bc:yfEuUZ,pingTime:1,time:2451,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:14%7D,%7Bpiv:100,vs:i,r:,t:1449%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1445~0,0~100%5D,as:%5B1445~300.600%5D%7D%7D,%7Bsl:i,t:1449,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C171%7C172,fm2:sT33gQi+11%7C12%7C13%7C141%7C151%7C16%7C17*.902386-59097919%7C17.653659-59025458%7C17.10933%7C171%7C172,idMap:17.28599334-6963-d251-e015-0cd417415093.76_653659-59025458%7C17.6af48044-f223-dc5d-33da-eab844f372cd.64_10933%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:53 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A8ED 43 B
215 B 161ms
161ms Image
image/gif 35.84.213.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=6af48044-f223-dc5d-33da-eab844f372cd&tv=%7Bc:yfEuVV,pingTime:-10,time:2204,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1640839011319%7C%7C99934c9ac1c3ae18c6b1c1fd7135f0af%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C6f295601ac49e065fecb4451d9b7e2f9%7C%7Ccf22e2eb454b23a7d70e8bbd0f8409c3%7C%7Ca7176916ecd6ad8da2d6a7d3a070a060%7C%7C5e5bdbd208301e644abdcbe0b34a96f8%7C%7Cb240745ca713dd4fc67960c327be5938%7C%7C1629390669,sca:%7Bspg:173b4baf-54c4-d7a2-b141-1c085c3aad7b%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.213.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-213-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 04:36:53 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.net17.biz/	1970-01-20 00:30:31	Name: uuid Value: 8a39b99f-cd5f-469d-b3ce-8b400879395f
.yadro.ru/	1970-01-20 08:32:27	Name: FTID Value: 1XpJTm3wB3uE1XpJTm002Mis
.yadro.ru/	1970-01-20 08:32:27	Name: VID Value: 3kdEwT0iHpuE1XpJTm002Mju
btds.zog.link/	1970-01-19 23:48:45	Name: 912.0 Value: 1
.projectunderstood.com/	1970-01-20 08:32:55	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdlMDlhMDUtNTc2Yy02YjgwLTgyOWMtNTJlYzQ4ZDFjMGFlIiwiY3JlYXRlZCI6IjIwMjEtMTItMzBUMDQ6MzY6NDkuOTgzWiIsInVwZGF0ZWQiOiIyMDIxLTEyLTMwVDA0OjM2OjQ5Ljk4M1oiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.projectunderstood.com/	1970-01-20 08:32:55	Name: euconsent-v2 Value: CPSBCnUPSBCnUAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.yandex.ru/	1970-01-20 08:32:55	Name: ymex Value: 1672375010.yrts.1640839010#1672375010.yrtsi.1640839010
.yandex.ru/	1970-01-20 08:32:55	Name: yandexuid Value: 8864610241640839010
.yandex.ru/	1970-01-20 08:32:55	Name: yuidss Value: 8864610241640839010
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2018826811640839010
.yandex.ru/	1970-01-23 15:23:19	Name: i Value: lw14V1dGr/3ewwZ+9GT22Sl++LDiX1sueQpY4XiWd6GjahLA/tFkEtA3FK1DuVeBnpf/2YTeK2HiWxhp6CFtsIOd6fs=
.doubleclick.net/	1970-01-20 09:08:55	Name: IDE Value: AHWqTUnWFyvqTTbHgqF_pNuOkZd4Ri33NRSwvx96V6VUPxTyjPZfxSTvPCf5iZfTz-U
.mathtag.com/	1970-01-20 08:32:55	Name: uuid Value: 1abf61cd-3762-4501-93df-5ca03cfde111
.redintelligence.net/	1970-01-20 01:56:55	Name: 8lcfmzhxc8d6_uid Value: e45b8b47cc599121
.casalemedia.com/	1970-01-20 08:32:55	Name: CMID Value: Yc03YjmKekv0kOBO4lerowAA
.casalemedia.com/	1970-01-20 01:56:55	Name: CMPS Value: 5209
.adnxs.com/	1970-01-20 01:56:55	Name: uuid2 Value: 1422258281654693073
.casalemedia.com/	1970-01-20 01:56:55	Name: CMPRO Value: 1121
.casalemedia.com/	1970-01-19 23:48:45	Name: CMST Value: Yc03YmHNN2IA
.casalemedia.com/	1970-01-20 08:32:55	Name: CMRUM3 Value: 2d61cd37622760CAESEPS4u6oE_r-R3ZtLDFJ2dtg
.adform.net/	1970-01-20 00:31:57	Name: C Value: 1
.adform.net/	1970-01-20 01:13:43	Name: uid Value: 6356744400265653890
.adform.net/	1970-01-19 23:57:23	Name: TPC Value: 1640839011021
.doubleclick.net/	1970-01-19 23:47:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 23:47:19	Name: test_cookie Value: CheckForPermission
.projectunderstood.com/	1970-01-20 09:08:55	Name: __gads Value: ID=f9aa945117821b17-22591aa111cd00eb:T=1640839010:S=ALNI_MYh9bM3xzohItlv_Lc9PVMMNtkSxQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fb86913c3.7c4d60156c.com
ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
btds.zog.link
cdn.1vag.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ebfeb50a3c1a878fce9eb71dfb10ad0c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900023.redintelligence.net
ib.adnxs.com
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
mc.yandex.ru
na.nawpush.com
net17.biz
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.mathtag.com
projectunderstood.com
rtbbnr.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
www.google.com
www.googletagservices.com
www.gstatic.com
138.201.64.38
142.250.184.194
142.250.184.226
142.250.185.66
151.101.1.195
172.217.18.102
185.29.134.245
188.166.135.13
2.18.233.201
2.18.234.21
2600:9000:21f3:8600:8:48e:53c0:93a1
2600:9000:21f3:fa00:11:a4de:2580:93a1
2606:4700:3031::6815:3e65
2606:4700::6810:5714
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200a
2a01:4f8:252:564d::2
2a02:128:7:4715::2
2a02:6b8::1:119
35.84.213.94
37.157.3.30
37.157.5.71
37.252.172.45
45.133.44.25
52.48.8.1
54.171.159.234
78.46.23.46
88.212.201.204
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f
00b447bfcccae429616bd2845eec428cf3fadccfda944c1fc465cb572a3e03e3
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
03d5bdd9993410ae3e636c450ef15a72237bb0899c2b92ef379847a1dca2f5e2
03e3b76234e2e05ac7d5eb68ecb863f4bc4f28206a0d347ce1ac5bf9f2154216
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
069d369e54f34bbabd5a8532ec638059f5ed54d0a265becd9856f8f21e08fe9d
08e4123ddee794a238bf477c8d38fb10c1db08845aecc81f72dbfd7a177ad76a
0aeee55c82ac004b3b61fbd69a45886d47266ed2d2c1e22b096090dafd7801ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1131f28649bad8264539ac314ec45a83494b96bbf0940f2a04c622e99d49a97f
1138f085600d0da00dd115276aa9fca108f66749603e4268bb5be9d61e1dee59
1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ae5b7b94cdce7ec37f0ceaf0ec5711219153cf735f49ec46355a02b684cf8e
1a8733cd7ca4f5b9339eb4a3f2dce0f32bec08c071fa59d12dbcaa0309db5508
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4a069b868106f39da94ddf6d6d2c8304b0110a70b97e5c747d30d43038b3ca
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d8950354c3360f08bd8bc248df681cb1ec562e2367d8c13d7c159ab6088be19
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20edb42e53ff858d6df3888cc0809773549b0bff0ed9425c1c80acc6642cdfbf
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2354d2371f2cc954bf15e9fc80afd22df9e17f8a19e9a8748557f675f5460aa8
23b644c96a382cf57150c919ff144841600c7c4fbefa68e5368a4ed001a7a50f
25458710c58dbcd741550edba126286ce69b0896f2f2b93c77faa71de01337ec
278c766ff380b16bf0cef0a382be414529b78b9e538b3ea4c4079111e0de160c
2aa4a78234558a92f1bd40835b3f0d14f392e4573f4162b1880b603459b69a49
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d6c5cc253e5f3b891b2fe1fba27713b1dbc588576c4ff427dce0ab6ee5a1d18
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee9094ce37ce387fb8c0f11c5abb6f67e5771ca9534f61fcbb4265efc66f57d
2f06e764b2fa08c6c80eeaf88765ad910944ac3c06462373278d3a9606414efe
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
3299bba478f1298f4000659017fc3cd9bf2478e1204d828667a0743b07ce3e2b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32b91cd97069c9017b09cb2e496693a2e752c593307e93fe4a64ac103a3b5c4e
334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
384e7d6ba5584aa7a47ae22eecedf964719d6541f0c09d1d765c8e1b331f1d9c
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3f6c9b05c2a7f4ea54a06138f254c3ce304a50114802594c252e1c829d4ebfbd
422100009d7e801c8cbf1985cd5e6068c8ee913c65623bb65e1d38bd97f84401
472b4ff0c315cf72e22207dd2b6bb1118ba53875cc089235b5a4e70e351cc846
496e148c3ddf6ca59ee0ba5f1053b4512b7328e0b263950c502f2750c394ac94
4bfba8168795996a76619734f7ec83f524bc8bed1fd6e42d9d35c65c70023a2a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f8ae1eebb3ab55d9c9182c02206529426b3a723d246399a78820b8df4bdfb07
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50604a203baaf1edd1b3d350c630499075965d87e6d6887728bab43b100b3713
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59c224727c887c8a437e9084075db7f40be745ecdb9151d0dd4520ec61048af4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbdd4045f751c2928b4a6aa28ac1363b5655051bc8db7bb8ea9530ef36bf6ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
651197ee85a144be69d79b123a524fd4cffa117d3e53ff5484bc8fef02072987
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
6b12a15c68e40bffae787995707cc012ce53b1080cd4296814adb06fdf887fe0
6b3cc3be91b52f43c545618e3e3978b625f5d6df25a0c1d73cae5baa8c29a84d
6cbe7a8b19418c290bf5d7f403839bd93c3910e6a92e4cf26797e1718648ad17
6e23aceca491d965f7ea205d1eb1bf44248ac4d9ce69de9388ccbd52a3e94596
6e2c92e2dabc6ecff2f5d5d2b63349c09103fd5049e3e335a25ede8d5679984d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f7a4d8a0b2936be3d4e6611af26d28bf31271d00fc4027ab251c6f8629fabaf
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
76c189ca479597ff09f1dcb2843db2c459cd3b57e645372c58432cc68e24be21
780f48ffed09823bfdf9e7b0ad94eede1a41eb20e2f04522784d595a68833512
81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89cc9eb7c45ed29f225e731ffa3716fa0fd9999db19348f5fedac6f70c63fa70
8b3c11ab83c56b6ea2ce8e5e5973bc68bc5d11e629791a3bedd95a238562f5ea
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d6a2bd5e862376fb62ec99ddc5e50d561eab3aeedb772996725f65f091867cb
91a7af5131521ee2d7445285fb33ff534e9c310cf79f175089c736b5fa1eb8f3
92471e34d41c4c2deeaa5156fa09353423849a030b3f624b9a5757c6daad68ee
94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05
96b19651128d37581a0513fa770bbd603a81e13ba7e1f1010959fd628fa46709
97121b76b294d817dbe189f2d76f95af53742046a1c6930d1a15814d71f2d561
97eda5de4cccaa4e39dba0c0e897a2c9a90292f7c935cb1cbc5bf449b89f8103
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e464945c8fbe2d4e4c6ffa4521bfe712189c765442dd62aa39eea5d0ac2a456
9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9fe42305550c4e58581ca1de874eb04edd55d9b2a0fe193e3e0ab6cad3a71b8d
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e49a6ce5184d8df4481009f34f8fc0132b40176df5fcd2e7610f0f8b9ddc2b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a94ed01966036c2f7c85243fa717c87fe24bb35a89e63d1a871e9cd2357131e6
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af702b200aa27251a3f43ca216756d72c7c39a0be3ca45ba7c9d057ad32f3039
af858238e073930972d1b4eb95ad26b90dcee6308eeb4f6e56cb605bd115bc9a
b04b6b938994305f5d27fbb8b693efec927dd292d98e9368f9b59cbe913b0b5f
b05cefa2098377acdfde526e3d6e161ed9db3ddbaa6ab9621f420e55c0621cdf
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33443236b9b4c5050d28ffaba44ae967008b7b7604609bb71767f542a02bf88
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b8425ac294074c771f441d02cd978a9ca5b3dc44cbeb59e43f735f269b5f805a
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcd0ffda31bdb80eb5b5419107d504e1e6ee60181f35c7f3f8c7611b3fe0ef2f
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e
ca5dbba8c62685f269db9d9f8b5cc8bb94552e87d0c083a813e91907948c6a29
cbca9befb7fad8992b0771d1748ab3c489d7040c319f4988595ce5180d3065f5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd7fec251b640af1d9f35f661b46ed5bf67fe3fab2b2cbca0171a659911d9b23
cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d480e8a7a9d951e5d2c82ac84e28683c4d1b138a8bb87a347e8e9572ec8ffc24
d56acbba6e57097f72d8d898cbe780e5401dc37c862e5f1ea44726ab4a574f53
d5e093905310d1fe66bdbc3625cb484a9404b0c13d1ba1c42439152900a9d43e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
db8bbdc4aef89d1baa8bc9c953a882eb3ce857a05a215279f38cc9b0684929e2
e0185f8828a8ac9e48899326ee976af2d62f4d7fc9f74ae11247425a7ecd7413
e0b5a4c5a222720eb46c0effe46b2ed52f24f427d99227445011150b4b4b70db
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e525bd4641ab0e6fd6593456a6e703a0baaf52c8a75aec67bcc8beb5c1c0bd7d
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3
e9fc90ad28543009c69a1a69dc0b0c3cd08c475274a8db78189248435702be12
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b5249deebad9ff0f54554a3ff8c4db0e21062e4d5644f4f2a9d2e23d22b3d
f005872aa18c6c8c2ddd3661b18fafdf7563ad1121ce4575cbb4bd14bea74c1d
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f6ca36e348cc4c90e5abf129cad38b20193a993c9a8daaa5e8b510cc11f36ced
f9f4197c3496202f6f4269c143d961d7260c2cca25fead10e369ae528f817621
fba46ebdcd1750405d9a0790654af7bc02727c6478d3ad596aa6ec0d55303a1e
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

projectunderstood.com Open in urlscan Pro 2606:4700:3031::6815:3e65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

96 %HTTPS

53 %IPv6

30 Domains

45 Subdomains

38 IPs

8 Countries

5719 kBTransfer

9833 kBSize

26 Cookies

6 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

projectunderstood.com Open in urlscan Pro
2606:4700:3031::6815:3e65 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

96 %
HTTPS

53 %
IPv6

30
Domains

45
Subdomains

38
IPs

8
Countries

5719 kB
Transfer

9833 kB
Size

26
Cookies

254 HTTP transactions
10 data transactions