ja.projectunderstood.com Open in urlscan Pro
2606:4700:3031::6815:3e65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Submission Tags: test
Submission: On April 17 via api (April 17th 2022, 1:15:15 pm UTC) from JP — Scanned from JP

Summary HTTP 339 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 68 IPs in 10 countries across 45 domains to perform 339 HTTP transactions. The main IP is 2606:4700:3031::6815:3e65, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.projectunderstood.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 28th 2021. Valid for: a year.

This is the only time ja.projectunderstood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3031::6815:3e65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	188.166.135.13 188.166.135.13	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2600:9000:221... 2600:9000:221a:ca00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2404:6800:400... 2404:6800:4004:80c::2010	15169 (GOOGLE) (GOOGLE)
17	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
2	5.196.106.241 5.196.106.241	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:400a:804::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
27	2404:6800:400... 2404:6800:4004:808::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81d::2002	15169 (GOOGLE) (GOOGLE)
33	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
4	2600:140b:400... 2600:140b:400:180::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
7 20	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2 4	23.44.53.47 23.44.53.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 13	103.43.90.19 103.43.90.19	29990 (ASN-APPNEX) (ASN-APPNEX)
5	69.174.120.29 69.174.120.29	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
6	51.79.234.100 51.79.234.100	16276 (OVH) (OVH)
24	178.33.50.233 178.33.50.233	16276 (OVH) (OVH)
8	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	172.217.161.38 172.217.161.38	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:810::2004	15169 (GOOGLE) (GOOGLE)
6	172.217.175.98 172.217.175.98	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:400a:80e::2006	15169 (GOOGLE) (GOOGLE)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	23.206.252.252 23.206.252.252	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2404:6800:400... 2404:6800:4004:826::200a	15169 (GOOGLE) (GOOGLE)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	54.69.75.135 54.69.75.135	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1 2	54.65.22.229 54.65.22.229	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
1	50.116.239.150 50.116.239.150	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2600:1f18:612... 2600:1f18:612b:4216:25d9:1223:9f5d:e330	14618 (AMAZON-AES) (AMAZON-AES)
3	2404:6800:400... 2404:6800:4004:823::200e	15169 (GOOGLE) (GOOGLE)
1	64.233.189.156 64.233.189.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:2363:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4008:c01::9c	15169 (GOOGLE) (GOOGLE)
9	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	18.136.247.49 18.136.247.49	16509 (AMAZON-02) (AMAZON-02)
3	44.228.154.252 44.228.154.252	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
9	104.120.3.184 104.120.3.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3	23.44.52.227 23.44.52.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:140b:4::... 2600:140b:4::1732:8179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2404:6800:400... 2404:6800:4004:24::9	15169 (GOOGLE) (GOOGLE)
3	212.77.98.32 212.77.98.32	() ()
1	204.79.197.204 204.79.197.204	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	172.217.175.226 172.217.175.226	15169 (GOOGLE) (GOOGLE)
1	182.161.74.11 182.161.74.11	() ()
1	2607:f8b0:402... 2607:f8b0:4023:1009::8a	15169 (GOOGLE) (GOOGLE)
339	68

18 2606:4700:3031::6815:3e65 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uploads.projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

net17.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:221a:ca00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2010 (Australia)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.196.106.241 (France)

ASN16276 (OVH, FR)
PTR: vh11a.eris-p.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:400a:804::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)

b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2404:6800:4004:808::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:140b:400:180::4469 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.42.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.44.53.47 (Tokyo, Japan) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-47.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 103.43.90.19 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.174.120.29 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: te4-0.cr1.lax1.us.packetexchange.net

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-sgc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-sgc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.33.50.233 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w18.of.pl

cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnt.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.38 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:810::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.175.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:400a:80e::2006 (Osaka, Japan)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.252.252 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-252-252.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.69.75.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-75-135.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.22.229 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-22-229.ap-northeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.150 (United States)

ASN6336 (TURN-US-ASN, US)

d7079319626924959602-t3650225182335709258.id.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:25d9:1223:9f5d:e330 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.189.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2363:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.247.49 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-247-49.ap-southeast-1.compute.amazonaws.com

cmp-as-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.228.154.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-154-252.us-west-2.compute.amazonaws.com

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States)

ASN54113 (FASTLY, US)

statsf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.120.3.184 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a104-120-3-184.deploy.static.akamaitechnologies.com

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.44.52.227 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-227.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:4::1732:8179 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:24::9 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

rr4---sn-oguesn6s.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.98.32 (None, )

ASN- ()

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net

analyticspixel.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.175.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1009::8a (Fort Worth, United States)

ASN15169 (GOOGLE, US)

s.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 ade.googlesyndication.com — Cisco Umbrella Rank: 271	342 KB
49	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293 bid.g.doubleclick.net — Cisco Umbrella Rank: 500 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 pubads.g.doubleclick.net — Cisco Umbrella Rank: 487	371 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	43 KB
26	onnetwork.tv video.onnetwork.tv — Cisco Umbrella Rank: 47505 cdn.onnetwork.tv — Cisco Umbrella Rank: 47797 cdnt.onnetwork.tv — Cisco Umbrella Rank: 58046	148 KB
18	projectunderstood.com ja.projectunderstood.com projectunderstood.com uploads.projectunderstood.com	687 KB
16	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 acdn.adnxs.com — Cisco Umbrella Rank: 597	63 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 780 static.adsafeprotected.com — Cisco Umbrella Rank: 565 dt.adsafeprotected.com — Cisco Umbrella Rank: 517	101 KB
9	everestads.net dco-assets.everestads.net — Cisco Umbrella Rank: 9213	191 KB
9	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 495 rtb0.doubleverify.com — Cisco Umbrella Rank: 697 tps.doubleverify.com — Cisco Umbrella Rank: 494 rtbc-sgc.doubleverify.com — Cisco Umbrella Rank: 19458 tpsc-sgc.doubleverify.com — Cisco Umbrella Rank: 15687	123 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	251 KB
8	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 25304 Failed	1 KB
8	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 492 fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	370 KB
7	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1448 beacon.krxd.net — Cisco Umbrella Rank: 440 consumer.krxd.net — Cisco Umbrella Rank: 1852	91 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	211 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 860	3 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
6	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 133493	130 KB
5	everesttech.net cmp-as-tm.everesttech.net — Cisco Umbrella Rank: 13821 ads.everesttech.net — Cisco Umbrella Rank: 8870 statsf-tm.everesttech.net — Cisco Umbrella Rank: 3877	34 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	112 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 411	721 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	4 KB
3	wpcdn.pl std.wpcdn.pl	101 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1173	238 B
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5993	558 B
3	adform.net adx.adform.net — Cisco Umbrella Rank: 3977
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 26184	221 KB
2	googlevideo.com 1 redirects rr4---sn-oguesn6s.googlevideo.com — Cisco Umbrella Rank: 235007	2 MB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com Failed
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1031	639 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1879	24 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	94 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7696	1 KB
1	youtube.com s.youtube.com — Cisco Umbrella Rank: 581
1	microsoft.com analyticspixel.microsoft.com — Cisco Umbrella Rank: 10923	651 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1365	63 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	23 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 355	549 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1001	183 B
1	amgdgt.com d7079319626924959602-t3650225182335709258.id.amgdgt.com	283 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 814	425 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 809	390 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 44077	792 B
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 267787	357 B
1	net17.biz net17.biz — Cisco Umbrella Rank: 940078	19 KB
339	45

	Domain	Requested by
33	pagead2.googlesyndication.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com tpc.googlesyndication.com ja.projectunderstood.com ad.doubleclick.net googleads.g.doubleclick.net srcdoc www.googletagservices.com fw.adsafeprotected.com securepubads.g.doubleclick.net
27	tpc.googlesyndication.com	ja.projectunderstood.com b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
23	csi.gstatic.com	imasdk.googleapis.com
23	cdn.onnetwork.tv	ja.projectunderstood.com video.onnetwork.tv
13	ib.adnxs.com	3 redirects googleads.g.doubleclick.net get.optad360.io acdn.adnxs.com
13	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net ja.projectunderstood.com
12	googleads.g.doubleclick.net	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com ja.projectunderstood.com
12	projectunderstood.com	ja.projectunderstood.com projectunderstood.com
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
9	dco-assets.everestads.net	ads.everesttech.net dco-assets.everestads.net
9	dt.adsafeprotected.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
8	s0.2mdn.net	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com ja.projectunderstood.com s0.2mdn.net imasdk.googleapis.com
8	ssp.wp.pl	get.optad360.io
7	www.googletagservices.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net ja.projectunderstood.com fw.adsafeprotected.com
6	onetag-sys.com	get.optad360.io
6	cdn.zx-adnet.com	ja.projectunderstood.com cdn.zx-adnet.com
5	ade.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	uploads.projectunderstood.com	ja.projectunderstood.com
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	imasdk.googleapis.com	video.onnetwork.tv imasdk.googleapis.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com cdn.doubleverify.com ja.projectunderstood.com
3	std.wpcdn.pl	ssp.wp.pl
3	acdn.adnxs.com	get.optad360.io
3	ads.everesttech.net	cmp-as-tm.everesttech.net ads.everesttech.net dco-assets.everestads.net
3	www.google-analytics.com	ja.projectunderstood.com www.google-analytics.com
3	www.gstatic.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
3	beacon.krxd.net	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com cdn.krxd.net
3	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
3	prebid.a-mo.net	get.optad360.io
3	prebid-eu.creativecdn.com	get.optad360.io
3	adx.adform.net	get.optad360.io
3	fonts.googleapis.com	securepubads.g.doubleclick.net b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
3	get.optad360.io	ja.projectunderstood.com get.optad360.io
2	rr4---sn-oguesn6s.googlevideo.com	1 redirects
2	tpsc-sgc.doubleverify.com	cdn.doubleverify.com
2	fw.adsafeprotected.com	1 redirects b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	cdn.jsdelivr.net	get.optad360.io video.onnetwork.tv
2	video.onnetwork.tv	get.optad360.io video.onnetwork.tv
2	counter.yadro.ru	1 redirects ja.projectunderstood.com
1	s.youtube.com
1	analyticspixel.microsoft.com
1	code.createjs.com	dco-assets.everestads.net
1	cdnjs.cloudflare.com	dco-assets.everestads.net
1	match.adsrvr.org	get.optad360.io
1	mug.criteo.com
1	gum.criteo.com
1	rtbc-sgc.doubleverify.com	cdn.doubleverify.com
1	statsf-tm.everesttech.net	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
1	cmp-as-tm.everesttech.net	fw.adsafeprotected.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.adsafeprotected.com	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
1	cdnt.onnetwork.tv	ja.projectunderstood.com
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	d7079319626924959602-t3650225182335709258.id.amgdgt.com	googleads.g.doubleclick.net
1	d.turn.com	1 redirects
1	consumer.krxd.net	cdn.krxd.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	site2text-2021.web.app	storage.googleapis.com
1	storage.googleapis.com	cdn.zx-adnet.com
1	net17.biz	ja.projectunderstood.com
1	ja.projectunderstood.com
339	76

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.optad360.com
projectunderstood.com
th.projectunderstood.com
id.projectunderstood.com
ko.projectunderstood.com
ar.projectunderstood.com
tr.projectunderstood.com
it.projectunderstood.com
bg.projectunderstood.com
ru.projectunderstood.com
uk.projectunderstood.com
ro.projectunderstood.com
de.projectunderstood.com
fr.projectunderstood.com
pl.projectunderstood.com
sv.projectunderstood.com
es.projectunderstood.com
nl.projectunderstood.com
hr.projectunderstood.com
iw.projectunderstood.com
hu.projectunderstood.com
da.projectunderstood.com
sk.projectunderstood.com
no.projectunderstood.com
sl.projectunderstood.com
el.projectunderstood.com
cs.projectunderstood.com
fi.projectunderstood.com
lt.projectunderstood.com
lv.projectunderstood.com
et.projectunderstood.com
pt.projectunderstood.com
vi.projectunderstood.com
sr.projectunderstood.com
en.projectunderstood.com
bn.projectunderstood.com
ca.projectunderstood.com
hi.projectunderstood.com
ta.projectunderstood.com
te.projectunderstood.com
tl.projectunderstood.com
ur.projectunderstood.com
zh-cn.projectunderstood.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-28` - `2022-09-27`	a year	crt.sh
micuenta.kioscodeseguros.com GTS CA 1D4	`2022-03-08` - `2022-06-06`	3 months	crt.sh
net17.biz R3	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
onnetwork.tv R3	`2022-04-04` - `2022-07-03`	3 months	crt.sh
web.app GTS CA 1D4	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.tmogul.com DigiCert SHA2 Secure Server CA	`2020-07-14` - `2022-07-19`	2 years	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-20`	a year	crt.sh
www.adobetag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh
g.msn.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh

This page contains 37 frames:

Primary Page: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Frame ID: 88606BA7C62F0B38DC9B59F4A3B220BC
Requests: 78 HTTP requests in this frame

Frame: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9CA083A49020CB9661CF86C21645138
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: C83C7CB99E1606F25DF7A112C54D1892
Requests: 16 HTTP requests in this frame

Frame: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B2008F6DD03598AF075D93DE3CE7E72
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIYis2CvQEwAQ&v=APEucNUET84u1gAkUO5_uSOovl2u-EvT-9Lily837ZQubyeWnPw7t7sxAl6t4ay9mQiDmtxi08TyVVKSfAerpna9g143fxY4HA
Frame ID: E681ECB34E9299F9C9FBA9B8A15394A9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C49B5D2B192FEEA5936729158E3FF6A
Requests: 3 HTTP requests in this frame

Frame: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4781C53F4715437780ACE1663F598A23
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeI-AIQxIeEigIY7Ie3wwEwAQ&v=APEucNXZOweT-hPNk1KK2Q7HwxKt0IVQ-EdYsM-gfY0xEgSTCcZ-W2_ztynTru_3cGND9pgCq8PSm6ucqAosW27pBzYsRAX9xQ
Frame ID: 1365318790CC405F51E122F8DC524344
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB7164F427A532CF4D4E67F735179414
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2576.js
Frame ID: 4BD1A8684857AB8D69AC93BDAC50D481
Requests: 4 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1643493341
Frame ID: 625928E6FF8B58AC4A7F427ACF725D15
Requests: 50 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html
Frame ID: 9EFCBC88605BB2C8665F50EABAB7924B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6FB024B27CBF6EA77ADB46357CB161C0
Requests: 3 HTTP requests in this frame

Frame: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA5E432B4545710D63CE62F1859FDE73
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: CC436FD093136A84FE6376505DCEB57B
Requests: 8 HTTP requests in this frame

Frame: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CCD900E9D0B320AC5F50CED6F69B46CA
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY84z8rgEwAQ&v=APEucNX841aC80MUh1-OGyMQjniJl8ws7AjaGCRyLbFbivICHrdSrPRC7yVacm3P2jFSyARSXq0xGSOPQ3ov00Y7dlRSk6V50Q
Frame ID: 415A3C0C8EE39C1F9144B4E541B418A3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E25E9C4F6400C92A2D6C0EADC348C62D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html
Frame ID: 7D954823880839E7BA622144DBEB947C
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 243118EB1888937B18897A804FDF2965
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 66E9BF589B518EEC07609ED253F95292
Requests: 1 HTTP requests in this frame

Frame: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|&nr=0.5758039927578036&edge=y&html5=y&loc=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F
Frame ID: E7CD7D0FA7B07439E56DB02A755A9F29
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
Frame ID: 2F2EF33F784C046386334D9C85B6BD8F
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Frame ID: 1A73D000DD99F36E49B77221903DA644
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF6E1DA008AEAF065789A15A0CD59CA5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8370D70707FC3C302BA4C644F1844988
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 032D506374E600467B2815DF2D31A3A3
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 4B193EA470344ECBAF89EAC2238F982A
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 0F60A859190B89ED566BC499A5DEC5F0
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650201306599&gdpr=0
Frame ID: E5FE89FE4C87CEB21D48B2FCA9553992
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 778852BF714565AAD0343F1C4DEF12E0
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650201306405&gdpr=0
Frame ID: 877300306CB18AA9D739615DF0EF794D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1650201306409&gdpr=0
Frame ID: 41B7FA4BBE35E82F69F6B60BBA59D375
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 21FE8CDF879CE58A0FD367A03F270F4F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 083CF837DC3C3269EBEE34BEAAFFD4FB
Requests: 3 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Frame ID: 444042D569D163548AC865BF6E7789D9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 2507D219801A18EE5664243F83C14747
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WSADキーと矢印キーはWindows10で切り替えられます

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

339
Requests

94 %
HTTPS

49 %
IPv6

45
Domains

76
Subdomains

68
IPs

10
Countries

5632 kB
Transfer

12044 kB
Size

33
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.optad360.com/en/?utm_medium=AdsInfo&utm_source=ja.projectunderstood.com
Title: Ads by optAd360

Search URL Search Domain Scan URL

URL: https://www.optad360.com/
Title: Monetized by optAd360

Search URL Search Domain Scan URL

URL: https://projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://th.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://id.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ko.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ar.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://tr.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://it.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://bg.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ru.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://uk.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ro.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://de.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://fr.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://pl.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://sv.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://es.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://nl.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://hr.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://iw.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://hu.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://da.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://sk.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://no.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://sl.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://el.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://cs.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://fi.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://lt.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://lv.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://et.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://pt.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://vi.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://sr.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://en.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://bn.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ca.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://hi.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ta.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://te.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://tl.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://ur.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

URL: https://zh-cn.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlwS2R1OnrNJwzddQpEKZQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJSHZP2x8dVlpBb_2xqXtRk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSHZP2x8dVlpBb_2xqXtRk%26google_cver%3D1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1MjgzMDgwNDYxMTMzMzI4Nw%3D%3D

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1

Request Chain 130

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY0MzY0YzMtNmMyNS0yZDBlLWVjYjEtNGMxM2FiZDMxNjlk

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEX7_O02sKjmjdyYgpkDbNQ&google_cver=1

Request Chain 132

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODRhMzUwODUtZDM3My00NWQ2LTgwZjktZjc4MzI2MzZlZjcw

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEIJd7vJknF_cy5XVqzHUq7g&google_cver=1 HTTP 302
https://d7079319626924959602-t3650225182335709258.id.amgdgt.com/img/server/beacon.gif

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESED7KbBHNBuuLvIbYqpjKUdQ&google_cver=1

Request Chain 207

https://fw.adsafeprotected.com/rfw/bgd/743429/55636121/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB&adsafe_url=https%3A%2F%2Fja.projectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:de7f8326-d6f9-ab17-4ace-efa252cdeb28,c:a31ThJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5965999f9f-ms6zw,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:674614f0-be50-11ec-90bb-dac5b56043dc,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB

Request Chain 244

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.projectunderstood.com%2F&domain=ja.projectunderstood.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=peSyxXxOdG03NGlWVzJuUGJvc3ovaDZad0tUQ3NYTmVFRTRSdEdLUW4yb2dIRmsvN05mdGNnV1JtMmtBaERyU1RhdEtzYmEwSUZMVnQ3US9aSjgrMGxXRHhpRk9hRVVYb3NjZTZ3MWpmQjhDNnNZYjhlZHlGblNMdTZxdCtiZG9Scy9HLzg1ckFaeWlXbnNSSmgxVzB3ajBFS3VzOHhlZTVXaERVV0trYVdFbGdxUUJ5S1ppODVGaDQ4UTFXUW12UzZJYjRQbVI0U2QvSUQ4M3FPY0h5eWUraGFxYmJIeFVQN0dFem9jdEVqVno3SFFCVHc4d0lYVytsZjVDcmtSQlZCYmZYfA&cppv=2

Request Chain 273

https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&mh=dy&mm=31&mn=sn-oguesn6s&ms=au&mv=u&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1649811104694203&mt=1650200509&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgGdUhhnVJDuEkXQ-XmYEFieaPgxJvM45_q1BlHUjdBTICIQCSTZ8WRExfFV5qh70zOzsW0oAO9kaYx7u2TOCR9PC8cg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJTTsGwKAWYlQ7wvii6Hx1US_Xwmn8pYv-O5yYhybUPkAiEA30qvZD9y3libqoyoo_RV76sxWLG6_QJ9wEuoTD-O8B8=&cpn=RaB3defASwRYcuF1 HTTP 302
https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1649811104694203&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgGdUhhnVJDuEkXQ-XmYEFieaPgxJvM45_q1BlHUjdBTICIQCSTZ8WRExfFV5qh70zOzsW0oAO9kaYx7u2TOCR9PC8cg==&cpn=RaB3defASwRYcuF1&redirect_counter=1&rm=sn-ogue7d7z&req_id=5d8f4aaee2d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=dy&mip=2a00:1633:128:4::3&mm=31&mn=sn-oguesn6s&ms=au&mt=1650201186&mv=m&mvi=4&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJgGzjzrjvjcV01qwRbKJQJRbAWvp_qIkHqZrf6bExReAiEA2vkJ-6MZbzOKbxZA_-Jgd3kSETcUI63DNJ2IjrfJI3g%3D

339 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10 Show response
ja.projectunderstood.com/ 29 KB
7 KB 526ms
485ms Document
text/html 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.5
Resource Hash: e20b08b2e91591365ef36d26feef47c5e0b555fee4579a4b7bbd5605147e1064

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fd56d65bf292098-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Apr 2022 13:15:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iY0dJI%2Bqmg%2B3a7kCqLF1bgWoPnCLtmeiw09gCbO2T6pZD%2FEhUG6jETEeZXiTmqyAeo3ioA4vtEnXZHZKKL3xvrR6hfg3H0dh5tRTDTFtEUkAQMAC8T51rqQqfBWIhzcu192D75NEc35xtavhzNMGqxqB5PeEKlQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.5

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 305ms
91ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae8b4d7614935d2a950ea3ce9f770e3b4f96c509d8475d31edf0d8a5d25152bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 16 Apr 2022 12:32:22 GMT
x-timer: S1650201305.691386,VS0,VE89
etag: "479707784f2c61268172d3d14a3d95b40ac52053d50217581873cad9d805775b-br"
x-served-by: cache-nrt18327-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 17 Apr 2022 13:15:04 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19681
x-cache-hits: 0

GET
H2 200 / Show response
net17.biz/ 19 KB
19 KB 702ms
232ms Script
application/javascript 188.166.135.13
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://net17.biz/?pu=hbsggmjrge5ha3ddf4ztkobw

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

34db9d642bf98c0780595b19851624dc0ad8bf94394265877f623fee6259fc63

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Apr 2022 13:15:05 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 wp-emoji-release.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 14 KB
5 KB 11ms
10ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-emoji-release.min.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2528
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"37a6-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gmix9wL7PaFsRezMfQPCZkG7DW%2FNLf4IqjKUZ6vMhsmP43UQOzm7sO3%2FqGLtAYNYaDuLG8Ixu%2B4uWSacu3Od1ZZNNEBR%2FxNmpALBEIWDVwV%2BVc%2F2aVZ%2FNCVnT5ut6do5I72pFd%2FnmF%2BKzZGF9eom9a%2F6Sd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d693c662098-NRT

GET
H2 200 style.min.css
projectunderstood.com/wp-content/themes/basic/css/ 59 KB
9 KB 20ms
14ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.min.css
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Oct 2020 15:57:00 GMT
server: cloudflare
etag: W/"ebfa-5b0b22ed60b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRbuOY%2Fj8BWYKicVH1FRKU21Jm%2FsJcG2K4M6XkpIs%2BhrXoIOQuAXXJYJ9MrDx5hR7GumIjzhMdh75MjK8qH%2F6gSYuQrMtVo68eF4DGU4rRvPtuXoMYxjs8lYhRaX91hJUyN%2FPoD6l25UIwkIrsquD6j7cVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d68fc232098-NRT

GET
H2 200 css.css
projectunderstood.com/wp-content/themes/basic/css/ 10 KB
1 KB 22ms
16ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Oct 2020 15:56:00 GMT
server: cloudflare
etag: W/"2942-5b0b22b428400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cW4XiOw3B6GZesgaTRT6pvujcQ7nL5ZmjprG303IacVbYNRan6zk7y031Llpgnss2KfAwtoeCfiC2QInE9EG2sH5PjUDqLi8fNAdKp5PA0qA5VXUa62g%2FHdVvUmBMbD8WHS5bE5eePaL6xG1b%2FSomtjzvg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d68fc252098-NRT

GET
H2 200 style.css
projectunderstood.com/wp-content/themes/basic/css/ 56 KB
26 KB 17ms
11ms Stylesheet
text/css 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.css
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 15:14:00 GMT
server: cloudflare
etag: W/"dfd3-5b0611db0de00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp0wmhFPDuFossjq%2B%2F5AF2AvrlhGQysYKO4hjs1nMG%2BO652yWoUpbxYT75elBp67k%2BeKGrZiV2AqnMKCLxu%2BmMeHRgKgD3FVRlrXFgQKBMKVoLFCJRbGDV4UM1%2BQPQrjT13IoZCH1TF77wihprVipzphzT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d68fc262098-NRT

GET
H2 200 jquery.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 95 KB
34 KB 22ms
17ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/jquery.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"17a69-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUjv5uBxm9hPbJApP2qJwSUL8KRJ7tXRLBFRtJWm6uSxDMKlisBPuvYpEWGC1FFxQxDdlP9a2l0DyVTGekqPf42IbU3pWmfaXaT4x8AEOW%2FvtDuS1U5j2UDHpQaBddLg1IvUBo%2BCkBMv1DjjoYAw1v%2FAq2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d68fc272098-NRT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/ 272 KB
58 KB 97ms
8ms Script
application/javascript 2600:9000:221a:ca00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:ca00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2140806c6263b5b322eaba870045087b1d5b14c5ac188704d24ac4a77daa4e56

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:41:20 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 10:54:47 GMT
server: AmazonS3
age: 2025
etag: W/"eaf9ff49bb6e1c2755d5df14e8d778ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2bbc1f6dd26fc38478c686763c4fd1c8.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: X75-WbMBbR1bf3eaHDbDlCIsBM1QwMi5xGkRabIwWxpbUemKOa0AJA==

GET
H2 200 btsjsp9k4k.jpg
uploads.projectunderstood.com/wp-content/uploads/guides/744/ 40 KB
41 KB 686ms
681ms Image
image/jpeg 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.projectunderstood.com/wp-content/uploads/guides/744/btsjsp9k4k.jpg
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae6e5775130b64d110001cf19fb259b3ae69290b8f78f90e6e976bbde293759

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41397
last-modified: Thu, 29 Oct 2020 17:21:04 GMT
server: cloudflare
etag: "a1b5-5b2d281328000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0JtcIADlZQqEx8r2wctghNY3FhbBPy72cOoDSjJ5Q%2BMw22rgfXq6XP0O5PNMGk1pjFy7k3S3PPl%2F9G0j68phAF8Fe33EqEmjikLSBBKw88pOTJ5hZAAemLR0G5ko8eAdbpTfATFSI438CX76ikFxqFcgtPe1eQ8RjetBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d693c6e2098-NRT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 238ms
63ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.6177424799483171

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 16 Apr 2022 12:32:22 GMT
x-timer: S1650201305.691532,VS0,VE61
etag: "136bfff1f290532cc0074a184a93a41336eb53dcdba45e16d34e03a106c160eb-br"
x-served-by: cache-nrt18327-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Sun, 17 Apr 2022 13:15:04 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
projectunderstood.com/wp-content/themes/basic/css/ 29 KB
29 KB 17ms
9ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://ja.projectunderstood.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29400
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "72d8-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehZz%2FewJbZQIXvomd5TwkK4IWdre6j7q4cDa8pF4BqLZT8RLYp7uH79YBFLJH48GGRRh0wy9GHP7D9s31UQUDGETWOh%2F1N8ZpBtgies1RS671yqWfujsdnRtHsNfJFJUF0X5Id5iJANF60vE5qDvInHc38c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6949311d9b-NRT

GET
H3 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
projectunderstood.com/wp-content/themes/basic/css/ 15 KB
15 KB 19ms
11ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://ja.projectunderstood.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15056
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "3ad0-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofWXvfpmJeKFcL%2F0jGYdLi5o%2FoXcgLFIKu2ltdQMkFL9aIY%2Fmat8eFA4tKOKbscGyQDBEcuDrhw0LcnOfxbxHqktmXCKsL%2FqV%2B2vr15AnB9v9JBFd5OGLHpnMLlNsA6sCV2NJ0oIVWXv%2F5iNu4Gr%2BdUN7Ag%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6949331d9b-NRT

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
projectunderstood.com/wp-content/themes/basic/css/ 14 KB
15 KB 15ms
9ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://ja.projectunderstood.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14380
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "382c-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kep6XcLx4kf%2BjBgZSce6hz2Qlqx8nwX8WX6aHoeCvgqaFXxYnCwQ1a%2BpEzQ1gDcXFdU0ZOIykOiysaZDg7MIi7LqRYgnuMrutiCVU70wKjBiLSLzExdSyC7U4g7Zai7EpPRjoNe0gV38Q0qQzWTWhXgRjlA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d69392c1d9b-NRT

GET
H2 200 nv4s40r0xm-1.jpg
uploads.projectunderstood.com/wp-content/uploads/guides/434/ 302 KB
302 KB 13ms
12ms Image
image/jpeg 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.projectunderstood.com/wp-content/uploads/guides/434/nv4s40r0xm-1.jpg
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3ca6b0bc3bc0396cc901c153b24f2a82ffd935b0c989c1cff0b92917ecb474

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 308903
last-modified: Thu, 29 Oct 2020 17:15:38 GMT
server: cloudflare
etag: "4b6a7-5b2d26dc42280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOvGhkmmtTezMbtk9ZE3oCzsCoxvt9qEUAgT2Su%2BJtlhf5ObSEWqrjrmHSVW7rd5vTieenh%2BrWD612Jo62ChRB6HVKzB8mBF3nmFapqjHXIWA%2F5EOKMKKAaI4PKFrFii7MtvDiUP0G%2F3Oc%2F4mkg2iukuj19l85e7X6gYQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6a5e2a2098-NRT

GET
H2 200 btsjsp9k4k-1.jpg
uploads.projectunderstood.com/wp-content/uploads/guides/744/ 97 KB
98 KB 906ms
906ms Image
image/jpeg 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.projectunderstood.com/wp-content/uploads/guides/744/btsjsp9k4k-1.jpg
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13780742f544d5d136da716398121d110a8f4b0cb7c8cd35b4d22bfe95ed2f91

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99510
last-modified: Thu, 29 Oct 2020 17:21:04 GMT
server: cloudflare
etag: "184b6-5b2d281328000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXxNSNKb%2BW83B5bcf65SNB2A9rGQYsccrOKbf2xEOhPh5k6Cik8CjMvZLtwHFVjEd4y2g1VVs7h95A0QPaqDXM%2BcVlEJqzyda3k9PiAjUWNQ%2FjoPVRjnUVXMoIg7dC%2BfSh%2FclPuko6IZPYR83my%2Br0OkXfgaa%2FN65xPDdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6a5e2d2098-NRT

GET
H2 200 btsjsp9k4k-2.jpg
uploads.projectunderstood.com/wp-content/uploads/guides/744/ 44 KB
44 KB 478ms
478ms Image
image/jpeg 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.projectunderstood.com/wp-content/uploads/guides/744/btsjsp9k4k-2.jpg
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1389cd87bf26d7bc2b3c88abf5f9e8055624fca01dd40aa59601fa26ead3639c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44890
last-modified: Thu, 29 Oct 2020 17:21:04 GMT
server: cloudflare
etag: "af5a-5b2d281328000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxOyQ7AWHKu8119MkMUO5m4WbrNQxc%2BfEYMAPP%2B9OrvadNf%2FdPYICr%2FDky59HxYPfqoSNOJMFIhZ%2FenlSdwRxkCd4ofmIqMLWUiddivqh6wJq6qLL9WrZiX1YWMEBiTeGS8dr8GTG77MMk7pH58Q9Km05A4updKAyzlxxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6a5e2e2098-NRT

GET
H2 200 btsjsp9k4k-3.jpg
uploads.projectunderstood.com/wp-content/uploads/guides/744/ 40 KB
40 KB 690ms
689ms Image
image/jpeg 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.projectunderstood.com/wp-content/uploads/guides/744/btsjsp9k4k-3.jpg
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f19a9974de1590b92a1faa3d44e98219e9c4888b20efc59bf51bd557f21a47dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40967
last-modified: Thu, 29 Oct 2020 17:21:04 GMT
server: cloudflare
etag: "a007-5b2d281328000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVjV8H8%2BAMncjpYQf%2BzN5rpDM31UoICWktxj1UNeDfZi4FHwH3uk1kppXdXaRI8TeRitdR00avNbuD1hf9bPTTC9ABp6gN3JwHNqB56tpoKN6EerE2qhjdgygFT2FxsY2%2FhpcMe69QjlsQHjvCzuMQWwRWBT2cTLfFXU8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6a5e2f2098-NRT

GET
H3 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
projectunderstood.com/wp-content/themes/basic/css/ 13 KB
14 KB 13ms
13ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://ja.projectunderstood.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13780
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: "35d4-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4%2F6HI7toYFlKkjTDxp%2Bgk7%2FgDIPFeqj48hDQfNQQaJluxLeOBKpDH2nBg4haKgS%2BnTY0oHshJ8gYtoA5LF7bMNRZM9sEbdRiBMYa7zhYq608lobraqJ2e66z1%2FuBU8XhE7soaLZVwEr5rVqRKMZ%2F0pfeNQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fd56d6a5ab41d9b-NRT

GET
H3 200 functions.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/functions.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"52b-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3YXXLj8Caw7T36ZEXfDOks%2Fx2KD3MohAhgBHEfo%2FboIHu6AUTJFLUcgUK147y7uaeCH%2FjVDMH4tHEzA8azFjTFJvQLqu2hOZ76tqOOP6UUNo0fvaJo9RoBH8RzceCbP%2FG6hwsXFx6S6NMqjq1HckfdxOmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d6a9fc4f8c3-NRT

GET
H3 200 wp-embed.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-embed.min.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
server: cloudflare
etag: W/"59a-5b0609cf1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbj9rNVy7c9YLBmTM0hjDWvSTigQ0w7pLt4joZpsBasb1dM7ICPODVHbX%2FHoT%2BRdMaodcPXt3g3K59lSYQbK5vfmgxp5X%2BRt%2BBGCh2bX%2FCTEJzfusti2twZmvC05fAOWgBpetU9ppOGrvPBncAvsRSnYa4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d6a9fc6f8c3-NRT

GET
H3 200 lazysizes.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 7 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/lazysizes.min.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4837
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Feb 2020 22:00:00 GMT
server: cloudflare
etag: W/"1a80-59ee0cb0c5800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu71idLs9p0qlz2T6UKltg7ikEOcWpJKolawrf3iqtXUhV5aGyd%2Bp%2FZKX3uwoX0Q%2BHNbOxRbxwkKVPtOMpe9Hett2vWdfFYf6VM%2BlT0Zv0eqWwjOdkGgKiRU1GUx2XTcMe6ZSkDW%2B3tslYcE0l2h87W%2BxmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6fd56d6a9fc7f8c3-NRT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416

43 B
528 B

223ms
223ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:05 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:05 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10;0.7012257754607416
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 16 Apr 2021 21:00:00 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
5 KB 252ms
211ms Script
application/javascript 2404:6800:4004:80c::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.6489763389024121
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds_7y0hPUrmtuqYeFGr79K0rum-seHL7CHXGM45RHtBHDC4eSKeoyv-cv-P3BOWf03muEnIBAHIy7Oz9mqMSnuf_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Sat, 16 Apr 2022 23:20:11 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation: 1650151211301502
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 17 Apr 2023 13:15:04 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
221 B 70ms
70ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.9291208169658036

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 16 Apr 2022 12:32:22 GMT
x-timer: S1650201305.791428,VS0,VE68
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-nrt18327-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sun, 17 Apr 2022 13:15:04 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 191ms
60ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

60d3b0d8ced9e24b838db560f1cf699d4344b568d322d818c0737b4fb628b712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28547
x-xss-protection: 0
server: sffe
etag: "1189 / 746 of 1000 / last-modified: 1650060514"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Apr 2022 13:15:04 GMT

GET
H2 200 prebid6.8.0.js Show response
get.optad360.io/sf/ 531 KB
161 KB 3ms
3ms Script
application/javascript 2600:9000:221a:ca00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid6.8.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:ca00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3fd0bd77b89c9e7157ed89c4d81bfe4fa9cc69e8f4f58243c8d639a13084f3e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 15:19:02 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:40:09 GMT
server: AmazonS3
age: 1202163
etag: W/"a85e74cc3da05463c070cca455a2a88f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2bbc1f6dd26fc38478c686763c4fd1c8.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: cT7RKQpMZt-TsNU7McDZazt8Y6bmOgdSdWG-B0D2lGsy3MU9oXJefA==

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 81 KB
17 KB 1064ms
273ms Script
text/javascript 5.196.106.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?ext=optad

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.196.106.241 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-p.of.pl

Software

XO.webservant /

Resource Hash

7b5fdb4148956c8a53cabb926d87d2e55863ed4e921eb2f5137ef84d759a2e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 17 Apr 2022 13:15:04 GMT
server: XO.webservant
date: Sun, 17 Apr 2022 13:15:05 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
content-type: text/javascript;charset=utf-8
expires: Sun, 17 Apr 2022 13:15:04 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 34ms
10ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220417

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21222904362990f47c97e01a9850dbc4f74baa9b9516367767aaabf73b75c54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Apr 2022 13:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36845
x-jsd-version: 1.0.1313
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-iad-kiad7000078-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66a-qPm7/JXO8ajCeIWUKbw34cMG2OU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeXYUWvQx1VepZRkoum12g5%2F3GhteDCq1e%2FAuh5axQz5i72vvvHMFmBPfyUdiG48KQOwXZMkQeG7jkvvlajYy6VkLuNx9t%2F41gQHLrSw1vCoqVLoWeEP9lOIdFOMexspCtLbuwX9sOyTNL0O%2Fjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6fd56d6b6abbf8fb-NRT
access-control-expose-headers: *

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
373 B 228ms
228ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.9291208169658036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
x-cache: MISS
content-length: 65
x-served-by: cache-nrt18327-NRT
server: Google Frontend
x-timer: S1650201305.862963,VS0,VE225
date: Sun, 17 Apr 2022 13:15:05 GMT
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: f75f594ded6b3d1954893adb4f4347a6
cache-control: max-age=3600,public
function-execution-id: 9jzq6wdsadi1
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H3 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 40ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 08:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Apr 2023 08:24:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
107 B 76ms
40ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3db21888e5a0a6181fc003441d73eb2a86c4e3309b588015dc7efc3d0c69827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Sun, 17 Apr 2022 13:15:05 GMT

GET
H2 200 gw_251221.js Show response
site2text-2021.web.app/ 0
357 B 607ms
415ms Script
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://site2text-2021.web.app/gw_251221.js?0.5034875813315496

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.6489763389024121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cache: MISS
content-length: 0
x-served-by: cache-qpg1228-QPG
server: Google Frontend
x-timer: S1650201305.283067,VS0,VE322
date: Sun, 17 Apr 2022 13:15:05 GMT
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: e76d246fbd6d8b781a29c95e320d2697
cache-control: private
function-execution-id: vz80g5vhdyj2
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 148ms
37ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
38ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.projectunderstood.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
32 KB 2249ms
2249ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_o3b_display_inter_o3b&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1701249732&sfv=1-0-38&ecs=20220417&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305119&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8bcacb9fb842a6943954e91b57907f9eb6d96f7a6e947f7d3ed4d3c11eb5fa95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32886
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 568ms
567ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=2&adks=2547308185&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305122&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=436&adys=1200&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5fb10bb14f534771b74ab480a0543129924bf694aace8f27824999a6ac575a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10871
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 582 B
317 B 800ms
800ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=3976903869&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305126&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=1040&adys=1073&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3904bde8e73483a01d0a2bc3d8bac5252ec01e0379947f86b3e7f8481f338add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
12 KB 322ms
322ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=4&adks=403733244&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305128&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=1012&adys=278&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

770818784f879d5aada1d0e06fac18fab7051ed6d534fdb19ad86bba2eb30ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12550
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
298 B 1340ms
1340ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_am_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C360x300&ifi=5&adks=2074830599&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305130&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=472&adys=414&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

916d97c6c7a80dd0aca4cfdf51955415708603b68fbe9f6af293a17476953ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 580 B
315 B 1037ms
1036ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_am_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C360x300%7C580x400&ifi=6&adks=524995006&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305133&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=472&adys=947&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b14f451d81f127578d512fd5297d844c1bf2657bd04a53cb9559b1e7a592b3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 2485ms
2485ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&ifi=7&adks=1270824643&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305135&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=315&adys=278&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=970x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

22e0ec8b5b17f1c23195bd7f81b8f7eb193ccdc751b663f46dcbf216c992e125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10742
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1756ms
1755ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2080821974703768&correlator=2593620079015632&eid=31064835%2C31065803%2C31067132%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_am_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C360x300%7C580x400&ifi=8&adks=2269407250&sfv=1-0-38&ecs=20220417&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650201305139&lmt=1650201305&dlt=1650201304458&idt=617&biw=1600&bih=1200&adxs=472&adys=1503&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&fws=128&ohw=0&ga_vid=1796438132.1650201305&ga_sid=1650201305&ga_hid=851399651&ga_fc=false&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ad79549048b47ff386151ed89ebe09b8a2156a0cb235b93d46ca8a0da323f5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8092
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9CA 6 KB
4 KB 240ms
51ms Document
text/html 2404:6800:400a:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Mon, 17 Apr 2023 13:15:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 15ms
15ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022041301.js?cb=31067132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

e9c945ab084669e2c40b8331fb01a5ba71b1eb911f561eba726670345ce10392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 10:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13281
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 10:53:20 GMT

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 182 B
390 B 30ms
18ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fd56d6d38b51ed8-NRT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 173ms
173ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 16 Apr 2022 12:32:22 GMT
x-timer: S1650201305.184116,VS0,VE169
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-nrt18327-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 17 Apr 2022 13:15:05 GMT
accept-ranges: bytes
content-length: 67057
x-cache-hits: 0

GET Wlylbgju.js
ja.projectunderstood.com/ Frame 0
0

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 112ms
112ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sat, 16 Apr 2022 12:32:22 GMT
x-timer: S1650201306.508379,VS0,VE109
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-nrt18327-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Sun, 17 Apr 2022 13:15:05 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame C83C 222 KB
62 KB 54ms
1ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 318387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Wed, 13 Apr 2022 20:48:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Apr 2023 20:48:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C83C 16 KB
6 KB 58ms
6ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 361986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Wed, 13 Apr 2022 08:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Apr 2023 08:41:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C83C 96 KB
29 KB 59ms
7ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 361986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Wed, 13 Apr 2022 08:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Apr 2023 08:41:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C83C 5 KB
2 KB 61ms
9ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 361986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Wed, 13 Apr 2022 08:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Apr 2023 08:41:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C83C 42 KB
13 KB 62ms
10ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 361986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Wed, 13 Apr 2022 08:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Apr 2023 08:41:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C83C 8 KB
1 KB 148ms
41ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 11:21:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 13:15:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 13:15:05 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C83C 3 KB
3 KB 56ms
5ms Image
image/png 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 07:24:16 GMT
x-content-type-options: nosniff
server: cafe
age: 21049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Mon, 18 Apr 2022 07:24:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C83C 344 B
449 B 57ms
6ms Image
image/png 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:38:39 GMT
x-content-type-options: nosniff
server: cafe
age: 66986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 17 Apr 2022 18:38:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C83C 0
0 48ms
48ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbQPt2RJcYoucDIqe8wOf4aigDYHUzPZo3KqT6J0PloLNhYgWEAEgqoDDImDZAqAB_a_g4QHIAQGpAibls-2R6bU-4AIAqAMByAMKqgS6Ak_QA1tCHBVjgDW4CPDaSXxOwsLUhIVUZ_f9wTm7t7KswSOjjWTp8RIyF_CTNfGFwwrgQY9Xx5X4JOcDDY6sMYl2NJohNOa9grnfZ0MHyGHeXhXqatvhVhC5sp07D4E98u9f-fnz78-F5yTXq62Ai2gAobATf4W7CGdSnTzBt8VY_gOPAkY4MgWfahKJPgU0raY0ALTR7xnCFkl-bGidGwaHkdYlrIJLaWfeCHBMFIOxwqpqfF07iy76ZJB0pseZAzVAQba0QOl_Ydk4y6zUMiXUKDI1D7BuVE2uaMm_DLTOft43b_95OqMOQRCn_B3d5AhuHp7bKKc6AtILW2TsxiQWb9KHLVPdknSlTiR7iqULUeIrCVyOZUe78nzZJdw0K_S41UcXZaLhr753cZT_AZiaxb-4HCwWKJgwwASy_aaW-gPgBAGSBQQIBBgBkgUECAUYBKAGLoAH68-fngKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCt8wXSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsBuBOdJ9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=Go4Br7CS8EU&uach_m=[UACH]&template_id=5021
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2065551878703476978/ Frame C83C 2 KB
2 KB 41ms
4ms Image
image/png 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2065551878703476978/downsize_200k_v1?w=100&h=100

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8bcf3d2ba10feef9912426155ea22f480c44fda69c84471f02aea478099f4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 04:52:22 GMT
x-content-type-options: nosniff
age: 289363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2485
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 08:57:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Apr 2023 04:52:22 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7910278398689535934/ Frame C83C 27 KB
27 KB 42ms
5ms Image
image/png 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7910278398689535934/downsize_200k_v1?w=400&h=209

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1cd4562344c03eee9b9d76442a97481e9c5adadffbd041d408c57e4b7af92ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 07:49:13 GMT
x-content-type-options: nosniff
age: 192352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27676
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 08:57:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Apr 2023 07:49:13 GMT

GET
DATA 200
OK truncated
/ Frame C83C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2003f670349710b69a3657fe62f5b0eb7668897fb49c0050f2a0f39d3bc5c44

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C83C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C83C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef18b8baf54ac8387dfbb30dfced82931e45584151c5d0b6e005aa3a542e7952

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame C83C 28 KB
28 KB 80ms
40ms Font
font/woff2 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.projectunderstood.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:12:07 GMT
x-content-type-options: nosniff
age: 115378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Apr 2023 05:12:07 GMT

GET
H3 200 container.html Show response
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B20 6 KB
3 KB 59ms
10ms Document
text/html 2404:6800:400a:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Mon, 17 Apr 2023 13:15:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E681 624 B
838 B 81ms
42ms Document
text/html 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIYis2CvQEwAQ&v=APEucNUET84u1gAkUO5_uSOovl2u-EvT-9Lily837ZQubyeWnPw7t7sxAl6t4ay9mQiDmtxi08TyVVKSfAerpna9g143fxY4HA

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Sun, 17 Apr 2022 13:15:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5B20 14 KB
11 KB 110ms
72ms Script
text/javascript 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwU5gxfTlmmNkCX1N1t3mNBNZPPa8p5G3vNdXH1bqzmnRHM-Xq33szj5mqLRGi30yHHCINg_Gc75kb-vVViapBP5KvL-8P7nxdn5rVelcN1PHUcmxofVeealnop5X3vMYXaFmn_4ZopjKw7TcFdQEv7qwbyQ&cry=1&dbm_d=AKAmf-BChfuj242kQgmimdQo3Dr8GHWgKDK6wsmGZSLtyxOsF6xJnucLQd9pf2-jmZev6HXHJFQgBx9nUaTmDO5u8s-XJImffCYrKm8hv-pvuSZ1t4wbp38JZFRqI5leMAh2QD9P2jpRIKPfKrzcvYPG-GpNt5uFCZiLSsc9cJxm06Ak-QmwotrSl8VlLMpXPjvffkA8blOCX_V7S-TpMCoS0wP2pwknk5c-okTsYDMx2apFvz2gETSvueykwLfcPFr_zTDRzNgMVczqbxJ2QYDg_Tryhc3FbxChoyo752WXGEUN7Xx4hmtAiXOu1pJteDxjK9llB0xlc5bdMGmqrfqqKkz8nuNg9Ip1rQYTHjD8ob9vMMjDVZFwkKb9d0nVkONXdDYIIDhvJfyFXrrF99ZqDkudgw5FL_p4Xt5raQUusmZgEo6VmbKEp6l9zifR9YDaoJvJk5UeIN1dgdXfxIiWpzWc8qfr5-5hBQBsoUMW613LnShmPyc8sC8i3ZIE06rfkdfo2RLhmtU3fFIWNGKST7ksfw6H4niglXQ5UX8XEKaLD2EC3eXpfdyhVyPQIEPUi8m0FSAgRPgxuX1M9rD8ciCDZdg8dP1kli2vAVcGcI_LU0mzP1Z9Hqx0q4fem8g8ZZxEvoj_sJid58y0HxYenxMEbujjPSHFa-HyrWDZXoFzpyntxorPCTmPnulfDewDqGMz_kLyzQIQWLOvnceuFfmHTFFMuxvrSJLHixBny01oBi2XXTyNIyJXqkRbkZ3uiZRoABgmH8mQW9xoGmzE1mLtG3bveRUIkd02IOMzB4Zbie0fNiChuQPAmBUgg4KaexLhJVPqdjI4iDUeupkjQiQ2SND-lpsjgrUb3jO-mxH8P7261JwS3mIrj4DfJwz80RUB-00u2uk4GT_gBcvLgIlPQN5cOP3n-t9dRlj0lV4zA4NDEyuEpmWztfgX7RoPv00FtX8xjRKEIrAQFOS882XiV9c2yxtf_XbTuCvvOQJxBSdLc2nvpDYNI-BV-NkOy8CsR_cbSHipgypCDkEMZzOeh5UFhTmf5p4g0WyVAYVR0Aq1uOw_tzamCaj_frIlc-Duor8S6LJfcrL9ieOALXYkVpLICwkdZk2QK9VypEwCb-scOmN21XR68dACJ_ejNFGs1MicD45skdqwJe4VOBPmlIMk2IijUWIZk_k6LHVxbSh7D2kuFTbclnuWSlFjszLhLaNu5ShNc5hFAnftzpnjiJ7JIPJzVWhA5Yv50BYmUXVU2rxM3qOWPRSMlzshqJeuI4KJJ_O_zCMnG-LSxZu_OVHLNyQKUWKqWf3FE2uudPHi5MvaW3fGrAioLq7P0sidIdGgdFJCIahEceaMaym9DxQ5Dx3eyzsgSL7kgwyrD6m58B0mf-NM2wx2F1fXVQ6E9cha6rtuSLnw5OxNq_GK6Fx1rt4p_8R2NuoC7pYhUsmUpNI9JRNAkiTidsPwXnj3-V06n7tZrMGyOYW5h956dD4Nu4a2ZHCX_-CefgA4ylRcV9yF1yR_ZO9aVcvojMYWNoQ_MNL4vWJN4nnjfPwuJjX21bt6eG763lakGDe_ptvugbcCY17cBLbJSBiSiALp4WcvBo95QwHOdenoJveZiljp4vIU83e5URMYe7ojdCok9N49zskL0Rl-KED7xRAihvU4BcWqQ5jXN69gEm-uMQyo76a9qcMxvuPdXbAoinJ_s6Iip3DucDnk5YvjdWc3l09x_hbkvKlCTc7wCBXVOlCyAsfugJloJWSRvLacq1mK50gtk5Oo_-KHMxWKnKQzQ4yQZJpV9bFnCorKTxQzF5G6eVidVP0q7iPWD_AkkluyHsKAGW-J2540SeU82a5jJv0ylWkbE7edg7TPP2A-Ugv87RbeGONOh1EWY5BiVK8VVo2lXDLCf5dulIvTk_PgaRi66x6QOPS_rL-mCZs7wpCf-eR6rjhwU9xS5ztfMSDpf5YRKONdnnKRkGlIKRYDvByF0Ufdr0aItfM5eZtHNIMqLKvXv8dhuirzN8CDXYvM4hWC6TwGhz1fZdoYmz8eNNsGlk60zujL2uiNtKf2fW03Yrm0C9ZTv18TiACXsinT41J4ARuz1IL2zj3e25w7t88xjUaZ1yM9kXSG8EKMYWzacXPzc0voGtXpo6eL-PvVfPnK0eXjKVEPXTiwYqKwyI5Y53lCsVtU1J2Qiby1fGUxWUnzxvSTNz5NHPT6Z4VsIN1GejN6PhQlhAyRYEbpmrdRuvP80F6-bo7k062SqjP_S798WBiCaoZTCx_Ay8SUmw2Nnw-qIxzM3mGABC6gtmJsYzTQHuc-h5u8xwaRPHEgKUd6x2sei6sZJr4F7P292UOf1aesvM92HgdoI9F7QqLJDnKocVQNUHOvOXn-fcZCT2VGmiKZY-Mp3G0TNbsGxtIH96w0ikq3SCdy30773Jyr7aOfFvB4zrdtNquvbdLtNQ8uY4OLuh24PM3gEWu82BjAj22N3kSaePsfqvefBRwjA5HVH4a1HZNq9QgA7SBoRHm1xRCP7McnHuH5fPU_S4BiBppgoeObb_fYqTrbSaE66SgXwuYYC2Uj6xgAD3iX_dYTAgA-bHtpD9UGN74_YWqKhSEHJ2yhBd9x_yzFX52rCsz7oFMZ-vrPN1oUvyQzFDl-602UlgjuUhDdgdhzk_CKe5-jdgnradYs9t7nzlCZFEt2nBVfClTDY_EvspJfTEb9yapegflw8DdC4tfcpi9IxhdwWytgSpiA9NlTPf8wummqJUs0-oA2ZttEGW1YBhY811gGmLV1n2Rvg2FT-xFcTyHrrstXWEoNz_-zNjURZQmp3uJ_R6Unu-dONNZcNHD_Lxuh26dW8dsR1g-yaDyfJI-Zwmu8nfoWUMnnscDmPMZIBA-cjIb5WNs7Am33JiLj_VA3VbmgsLuK0yZPg7qjMJsWlvEaVQr4BQmugHYYv-dk8w7KBc-JY4-T2QXIoDAw5DPj8RmlqPEOr6VgR1eVYyPI17dLYNBe4vQGTce3ROnI1x4oylzrge7hgVPj8bfsEaL0x5w0DtJNlzEnKtxhEiBGflSGiSASwCY6IWknvjVyMq2s7l_bBo_CN_vG7rPDlzPHbkPRrm-lFp8BqKhwmliucn2-pUIqivPhqnXN7V36cJJu9a7j7rxz_RTo4ta-1FG7Otnb2Rmy1s1IpcPywtVyNXuyOcC1wuPHptiajeKHuW6IjdiXJVaAbS-A2cRHgmr18tgWkXMO7JIAMvEXJEkJW3XsH37QYnIz8CoV51RE57-JKIfMJjVYLteMVTzAynLulzPPIPNvObm1fqQ3AeM5rhbq8iQ12QzoY5IwnIbdHKVildOSqa-ONZ_fCg4QljAG4S_1LTtHLqvfijg7ao6tVVVJdHFCbPPajBYwnrSsjvk7zSImBadgSXjlLjiGta2rj-O6OJM6fTeXAyK8ULLTaT6PadDegBx8nJRKuyAA896o33s3MhLkPpm6s9WQU8qQNFhqaou9buWAlV4&cid=CAQSLgCNIrLMWosThkkmk03DDSkIKZ9zBVSKJKAd70H6u8dDzB3NiffRxIEhdfWzALk&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b8b037fd7a123e9c1ed058b687fa3c21e93048b890313b2c8ba4989ff2f47fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10722
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B20 42 B
494 B 78ms
37ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTdJ9Uae-BPCC1JFDwWUSTwqa4NXYYz_VXyF-yMRzQbWHNCaxNpAy7XezG2fom6HYIdHRdv1g-4zNeVr3meA7a_b6ZXl8IUfrKF5kh7Mf0Aq8ftP8

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5B20 2 KB
1 KB 95ms
2ms Script
application/javascript 2600:140b:400:180::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115751&plc=4167622&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jpWJHJgk8h81oKFD0Kibph&DVP_DBM_1=3060631&DVP_DBM_2=24867963&DVP_DBM_3=15215464750&DVP_DBM_4=396404362&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1184590230446&turl=https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&DVP_PP_BUNDLE_ID=
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:180::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 08:39:57 GMT
Server: Microsoft-IIS/10.0
ETag: "978bff5b4ad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5B20 8 KB
4 KB 96ms
2ms Script
application/javascript 2600:140b:400:180::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jpWJHJgk8h81oKFD0Kibph&DVP_DBM_1=3060631&DVP_DBM_2=24867963&DVP_DBM_3=15215464750&DVP_DBM_4=396404362&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1184590230446&turl=https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&DVP_PP_BUNDLE_ID=
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:180::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: af35e2cd67ed585f7d12b4b001e933defc926a1d7437b9b2ed7d7a3bddea93c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 11:03:01 GMT
Server: Microsoft-IIS/10.0
ETag: "8060db34ef4fd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3303

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5B20 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B20 119 KB
37 KB 98ms
58ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 5B20 15 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E681
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1

43 B
1012 B

166ms
164ms

Image
image/gif

23.44.53.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIYis2CvQEwAQ&v=APEucNUET84u1gAkUO5_uSOovl2u-EvT-9Lily837ZQubyeWnPw7t7sxAl6t4ay9mQiDmtxi08TyVVKSfAerpna9g143fxY4HA
Protocol: HTTP/1.1
Server: 23.44.53.47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 17 Apr 2022 13:15:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E681
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlwS2R1OnrNJwzddQpEKZQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1

43 B
892 B

55ms
54ms

Image
image/gif

23.44.53.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIYis2CvQEwAQ&v=APEucNUET84u1gAkUO5_uSOovl2u-EvT-9Lily837ZQubyeWnPw7t7sxAl6t4ay9mQiDmtxi08TyVVKSfAerpna9g143fxY4HA
Protocol: HTTP/1.1
Server: 23.44.53.47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 17 Apr 2022 13:15:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdi9Rhu5R4SqeajUvCXmXA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame E681
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJSHZP2x8dVlpBb_2xqXtRk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSHZP2x8dVlpBb_2xqXtRk%26google_cver%3D1

43 B
1 KB

113ms
112ms

Image
image/gif

103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSHZP2x8dVlpBb_2xqXtRk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIYis2CvQEwAQ&v=APEucNUET84u1gAkUO5_uSOovl2u-EvT-9Lily837ZQubyeWnPw7t7sxAl6t4ay9mQiDmtxi08TyVVKSfAerpna9g143fxY4HA

Protocol

HTTP/1.1

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 82dd4e6e-32a2-43dd-86a7-a54255037457
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1096d152-658d-4e71-b52f-471d79086274
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJSHZP2x8dVlpBb_2xqXtRk%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E681
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1MjgzMDgwNDYxMTMzMzI4Nw%3D%3D

170 B
188 B

39ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1MjgzMDgwNDYxMTMzMzI4Nw%3D%3D

Requested by

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1afe5d2f-f8b8-4b71-b672-f289b3a2d72d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1MjgzMDgwNDYxMTMzMzI4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B20 41 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwU5gxfTlmmNkCX1N1t3mNBNZPPa8p5G3vNdXH1bqzmnRHM-Xq33szj5mqLRGi30yHHCINg_Gc75kb-vVViapBP5KvL-8P7nxdn5rVelcN1PHUcmxofVeealnop5X3vMYXaFmn_4ZopjKw7TcFdQEv7qwbyQ&cry=1&dbm_d=AKAmf-BChfuj242kQgmimdQo3Dr8GHWgKDK6wsmGZSLtyxOsF6xJnucLQd9pf2-jmZev6HXHJFQgBx9nUaTmDO5u8s-XJImffCYrKm8hv-pvuSZ1t4wbp38JZFRqI5leMAh2QD9P2jpRIKPfKrzcvYPG-GpNt5uFCZiLSsc9cJxm06Ak-QmwotrSl8VlLMpXPjvffkA8blOCX_V7S-TpMCoS0wP2pwknk5c-okTsYDMx2apFvz2gETSvueykwLfcPFr_zTDRzNgMVczqbxJ2QYDg_Tryhc3FbxChoyo752WXGEUN7Xx4hmtAiXOu1pJteDxjK9llB0xlc5bdMGmqrfqqKkz8nuNg9Ip1rQYTHjD8ob9vMMjDVZFwkKb9d0nVkONXdDYIIDhvJfyFXrrF99ZqDkudgw5FL_p4Xt5raQUusmZgEo6VmbKEp6l9zifR9YDaoJvJk5UeIN1dgdXfxIiWpzWc8qfr5-5hBQBsoUMW613LnShmPyc8sC8i3ZIE06rfkdfo2RLhmtU3fFIWNGKST7ksfw6H4niglXQ5UX8XEKaLD2EC3eXpfdyhVyPQIEPUi8m0FSAgRPgxuX1M9rD8ciCDZdg8dP1kli2vAVcGcI_LU0mzP1Z9Hqx0q4fem8g8ZZxEvoj_sJid58y0HxYenxMEbujjPSHFa-HyrWDZXoFzpyntxorPCTmPnulfDewDqGMz_kLyzQIQWLOvnceuFfmHTFFMuxvrSJLHixBny01oBi2XXTyNIyJXqkRbkZ3uiZRoABgmH8mQW9xoGmzE1mLtG3bveRUIkd02IOMzB4Zbie0fNiChuQPAmBUgg4KaexLhJVPqdjI4iDUeupkjQiQ2SND-lpsjgrUb3jO-mxH8P7261JwS3mIrj4DfJwz80RUB-00u2uk4GT_gBcvLgIlPQN5cOP3n-t9dRlj0lV4zA4NDEyuEpmWztfgX7RoPv00FtX8xjRKEIrAQFOS882XiV9c2yxtf_XbTuCvvOQJxBSdLc2nvpDYNI-BV-NkOy8CsR_cbSHipgypCDkEMZzOeh5UFhTmf5p4g0WyVAYVR0Aq1uOw_tzamCaj_frIlc-Duor8S6LJfcrL9ieOALXYkVpLICwkdZk2QK9VypEwCb-scOmN21XR68dACJ_ejNFGs1MicD45skdqwJe4VOBPmlIMk2IijUWIZk_k6LHVxbSh7D2kuFTbclnuWSlFjszLhLaNu5ShNc5hFAnftzpnjiJ7JIPJzVWhA5Yv50BYmUXVU2rxM3qOWPRSMlzshqJeuI4KJJ_O_zCMnG-LSxZu_OVHLNyQKUWKqWf3FE2uudPHi5MvaW3fGrAioLq7P0sidIdGgdFJCIahEceaMaym9DxQ5Dx3eyzsgSL7kgwyrD6m58B0mf-NM2wx2F1fXVQ6E9cha6rtuSLnw5OxNq_GK6Fx1rt4p_8R2NuoC7pYhUsmUpNI9JRNAkiTidsPwXnj3-V06n7tZrMGyOYW5h956dD4Nu4a2ZHCX_-CefgA4ylRcV9yF1yR_ZO9aVcvojMYWNoQ_MNL4vWJN4nnjfPwuJjX21bt6eG763lakGDe_ptvugbcCY17cBLbJSBiSiALp4WcvBo95QwHOdenoJveZiljp4vIU83e5URMYe7ojdCok9N49zskL0Rl-KED7xRAihvU4BcWqQ5jXN69gEm-uMQyo76a9qcMxvuPdXbAoinJ_s6Iip3DucDnk5YvjdWc3l09x_hbkvKlCTc7wCBXVOlCyAsfugJloJWSRvLacq1mK50gtk5Oo_-KHMxWKnKQzQ4yQZJpV9bFnCorKTxQzF5G6eVidVP0q7iPWD_AkkluyHsKAGW-J2540SeU82a5jJv0ylWkbE7edg7TPP2A-Ugv87RbeGONOh1EWY5BiVK8VVo2lXDLCf5dulIvTk_PgaRi66x6QOPS_rL-mCZs7wpCf-eR6rjhwU9xS5ztfMSDpf5YRKONdnnKRkGlIKRYDvByF0Ufdr0aItfM5eZtHNIMqLKvXv8dhuirzN8CDXYvM4hWC6TwGhz1fZdoYmz8eNNsGlk60zujL2uiNtKf2fW03Yrm0C9ZTv18TiACXsinT41J4ARuz1IL2zj3e25w7t88xjUaZ1yM9kXSG8EKMYWzacXPzc0voGtXpo6eL-PvVfPnK0eXjKVEPXTiwYqKwyI5Y53lCsVtU1J2Qiby1fGUxWUnzxvSTNz5NHPT6Z4VsIN1GejN6PhQlhAyRYEbpmrdRuvP80F6-bo7k062SqjP_S798WBiCaoZTCx_Ay8SUmw2Nnw-qIxzM3mGABC6gtmJsYzTQHuc-h5u8xwaRPHEgKUd6x2sei6sZJr4F7P292UOf1aesvM92HgdoI9F7QqLJDnKocVQNUHOvOXn-fcZCT2VGmiKZY-Mp3G0TNbsGxtIH96w0ikq3SCdy30773Jyr7aOfFvB4zrdtNquvbdLtNQ8uY4OLuh24PM3gEWu82BjAj22N3kSaePsfqvefBRwjA5HVH4a1HZNq9QgA7SBoRHm1xRCP7McnHuH5fPU_S4BiBppgoeObb_fYqTrbSaE66SgXwuYYC2Uj6xgAD3iX_dYTAgA-bHtpD9UGN74_YWqKhSEHJ2yhBd9x_yzFX52rCsz7oFMZ-vrPN1oUvyQzFDl-602UlgjuUhDdgdhzk_CKe5-jdgnradYs9t7nzlCZFEt2nBVfClTDY_EvspJfTEb9yapegflw8DdC4tfcpi9IxhdwWytgSpiA9NlTPf8wummqJUs0-oA2ZttEGW1YBhY811gGmLV1n2Rvg2FT-xFcTyHrrstXWEoNz_-zNjURZQmp3uJ_R6Unu-dONNZcNHD_Lxuh26dW8dsR1g-yaDyfJI-Zwmu8nfoWUMnnscDmPMZIBA-cjIb5WNs7Am33JiLj_VA3VbmgsLuK0yZPg7qjMJsWlvEaVQr4BQmugHYYv-dk8w7KBc-JY4-T2QXIoDAw5DPj8RmlqPEOr6VgR1eVYyPI17dLYNBe4vQGTce3ROnI1x4oylzrge7hgVPj8bfsEaL0x5w0DtJNlzEnKtxhEiBGflSGiSASwCY6IWknvjVyMq2s7l_bBo_CN_vG7rPDlzPHbkPRrm-lFp8BqKhwmliucn2-pUIqivPhqnXN7V36cJJu9a7j7rxz_RTo4ta-1FG7Otnb2Rmy1s1IpcPywtVyNXuyOcC1wuPHptiajeKHuW6IjdiXJVaAbS-A2cRHgmr18tgWkXMO7JIAMvEXJEkJW3XsH37QYnIz8CoV51RE57-JKIfMJjVYLteMVTzAynLulzPPIPNvObm1fqQ3AeM5rhbq8iQ12QzoY5IwnIbdHKVildOSqa-ONZ_fCg4QljAG4S_1LTtHLqvfijg7ao6tVVVJdHFCbPPajBYwnrSsjvk7zSImBadgSXjlLjiGta2rj-O6OJM6fTeXAyK8ULLTaT6PadDegBx8nJRKuyAA896o33s3MhLkPpm6s9WQU8qQNFhqaou9buWAlV4&cid=CAQSLgCNIrLMWosThkkmk03DDSkIKZ9zBVSKJKAd70H6u8dDzB3NiffRxIEhdfWzALk&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 02:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 02:11:44 GMT

GET
H/1.1 200
OK dvbs_src_internal102.js Show response
cdn.doubleverify.com/ Frame 5B20 55 KB
18 KB 2ms
2ms Script
application/javascript 2600:140b:400:180::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115751&plc=4167622&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jpWJHJgk8h81oKFD0Kibph&DVP_DBM_1=3060631&DVP_DBM_2=24867963&DVP_DBM_3=15215464750&DVP_DBM_4=396404362&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1184590230446&turl=https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:180::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Mar 2022 09:23:34 GMT
Server: Microsoft-IIS/10.0
ETag: "06fa3a94e43d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18094

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5B20 2 KB
1 KB 787ms
99ms Script
text/javascript 69.174.120.29
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_370510522146&jsTagObjCallback=__tagObject_callback_370510522146&num=6&ctx=1828362&cmp=115751&plc=4167622&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=370510522146&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=100&bridua=3&dup=null&turl=https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jpWJHJgk8h81oKFD0Kibph&DVP_DBM_1=3060631&DVP_DBM_2=24867963&DVP_DBM_3=15215464750&DVP_DBM_4=396404362&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1184590230446&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETar9EEADTbpTauTau3hc3%60fd4c6dfec%606a5dc3%60_27fa27562%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETaufcc%5CH%5CD%5C2%5C5%5C2%3F5%5C2CC%40H%5C%3C6JD%5C2C6%5CDH%3AE4965%5C%3A%3F%5CH%3A%3F5%40HD%5C%60_&dvp_exetime=6.20&callbackName=__verify_callback_370510522146
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.29 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: te4-0.cr1.lax1.us.packetexchange.net
Software: /
Resource Hash: 8afb93d91e5f1508a0f6ea14a8891a5add045a8f69080e5881ebbad3fd5e053c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Expires: 04/16/2022 13:15:06

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C49 22 KB
8 KB 4ms
3ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 165645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 15:14:20 GMT
expires: Sat, 15 Apr 2023 15:14:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 1093ms
254ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.projectunderstood.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 17 Apr 2022 13:15:06 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
972 B 17ms
8ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1809
content-type: application/javascript
x-amz-request-id: tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2: tx0c810f9b689a43feb0d6c-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmO9MDIxQrWcudwzBm1CpUJcmNensmPZWoOYZb1LVUs4S5TIJC8ENIKifAPIYDXSR7%2F0u5Vs%2BeeOkB6eE72E6acFCitabYWTYZStsY7XHhUxWBzxPzrRUr0D4loSym2kA2y4K0QrDzmdoJ8M"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1649687875786561
cache-control: public, max-age=1800
cf-ray: 6fd56d723a301f4f-NRT
expires: Sun, 17 Apr 2022 13:45:05 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 438ms
202ms XHR
application/json 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2642225e558d3d8b62943afefe8a0100d1be4eb3433cf25b062b710d41e5df6b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f9e685b-8320-440e-ae71-a15aedbd837c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.projectunderstood.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
186 B 756ms
231ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.projectunderstood.com
date: Sun, 17 Apr 2022 13:15:06 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
176 B 616ms
179ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sun, 17 Apr 2022 13:15:05 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST openrtb
adx.adform.net/adx/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
372 B 426ms
245ms XHR
application/json 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST /
ssp.wp.pl/bidder/ 0
0

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 21ms
15ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512661
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txab4f232551a54421a6ece-0062544044
x-amz-id-2: txab4f232551a54421a6ece-0062544044
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dmCYOEvGqI%2BOFQLsO3xK1JMs2hpfMxtwLMXboK1xT4Dsj%2BFH4%2F1AmeJMYM29wSEdugCSroZrbEJCEgyh%2BgTfdluTgv71Co9kwAunQERCiyqhp4MLDbV4dUxzEicTaLmw5wUxUbAb27h6Jak"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1649687874851815
cf-ray: 6fd56d726d128a66-NRT
access-control-allow-headers: Authorization

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C49 35 KB
13 KB 38ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C49 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSZ_U2RJcYra8NcWG8ALejpHgAwAAAAA4AeAEAg&bg=!5eal5qLNAAZvJBiFTyQ7ACkAdvg8WkhuDypWm3s19jt_2VJuPNzj3RZxkgxAydsRf_opsmKymkEzfAIAAABIUgAAAANoAQcKAKHCeUw6OlxnW35EhWojNSvP4oVtwlaY2FxUh8q70oRYXvxmR_er_WpLdfgKy4fSzZtihfdIN3sHnMz8P9HmRBE81pg31SMh0HyJyUehxV1Aa8l6vUeAyTZLtTTK6uQ-GPh6yNL0EtEEez1LReQi7eTlDFwAHKCyDpFNtx3Z8yMucKX5f6m0kHC2EYU2D_AsIFHjuGmOU3U5Fm34gERvybpP25kC8sdXltUJWF7tSRtoxSz-zvWpibjnpEmyAJ6rqvrmcjVWDbtxH9T5VGM2lN1d2mrp5lw8Us57IxoAwyCjxhno5NyCC1Fldgo7skVU1m4AhGJDuqZMrqNJKcWMPacJVYkrm63uwt2wIBBf7829YIeBE7FY5PSwefPOcusnlrpc27vLTrmkFQd9WgRmVhQOn6UQUmaDRm1P24dmVwlBoXLS9MePAZeRFU5RztZsK4eiPjSNrXf-qdwSGrkhAVWPGQ5IPa3ve77Co7-h_GNJWo78eg_NI3E_6buhCnsT2L9RZohc7xKzPV5IQfuZAAVM_iSQ6GJ48y7ehIE6LWDzveBPavmsupEDQ5fB2_UB79ra-sv2YGBVl242jKAJ6PSGfbOCHUK84PArwW3WdEJHtD-8TFnp2V5sBQ_93LRuAWR_GjwZHLtKzLsPBiyWyBBsQJIJXAQktWT883qZv4_e1mvf8eRbbe3wDydYwQ8ZaCSobLmwlAqx4XJN93v94loQiTE0Qi21Mf8vvTmToN2U3zIDpGdOiAnmivJ09ucV3M8aHD4WSH5li52w6RHhsmh3ZZgADwuDqQ4k29VIh1L_Lzi8abjGgovs03IoUl8lh_Dh1yBFBlVSqKfUH4XpkHR804SetNYiKqFpyUt3Fin49zXT1eF9pNXYK4MBGyRdiELeFKp0mCR5kV9EW3d0i2Gf-agusji1K_7r2BofnS7dAtaDp4iaxe_SeQWB0tRp0r9lThHzESKmnRuOiODshsvS6UKclgny1ywI0JZTYPNO-Js947A6u5vEbQvTPksOpViB5VYSJKLGkdbV7Hut5KZo5Z6y6hywxxDSDIN1Oe8hG6BHGjT2eqwMS8DMqHi_xoJh8epPClt5_QYRHIbWol0hweC7yjOxgOJbAzyUCwQOSvdYaOWwdpQH3eoaIxCUOL1ObGwlx-yJ1mSKuTLFOo_87sk6hQBin6g4uJNLA7jc7Jja5yRtje4PJ9AjgEafTYA8slpjfdE

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 856ms
254ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.projectunderstood.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 17 Apr 2022 13:15:06 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 388ms
180ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sun, 17 Apr 2022 13:15:05 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
186 B 525ms
232ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.projectunderstood.com
date: Sun, 17 Apr 2022 13:15:06 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST /
ssp.wp.pl/bidder/ 0
0

POST openrtb
adx.adform.net/adx/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 326ms
281ms XHR
application/json 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

889977a32d27573ab13f41a4a17cd2818b6865531afcd5ca9fa243eeb2e73631

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 26166e12-cf8d-4660-b16c-40bedd196487
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.projectunderstood.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
371 B 186ms
185ms XHR
application/json 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 266 KB
60 KB 294ms
294ms Fetch
text/html 5.196.106.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffEXSce6a22e103ff0f806edcfb32dc4a6d4c16502013061311&iid=1650201306131&e=1&ap=4&map=1&umum=1&naa=1&pinva=1&pinv=1&onnsfonn=1&vids=580084&onnwid=9074&wtop=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndEXSce6a22e103ff0f806edcfb32dc4a6d4c1650201306130

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.196.106.241 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11a.eris-p.of.pl

Software

XO.webservant /

Resource Hash

92cbeeb17bab2443f2f9d254e549d7c31ea3bad605e66842cf1545f5a65a91a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 17 Apr 2022 13:15:06 GMT
server: XO.webservant
date: Sun, 17 Apr 2022 13:15:06 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
329 B 1753ms
738ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1650201306241&d=9074&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
last-modified: Sunday, 17-Apr-2022 13:15:07 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 optadVeedmoLogo.png
get.optad360.io/_assets/img/ 2 KB
2 KB 3ms
3ms Image
image/png 2600:9000:221a:ca00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.optad360.io/_assets/img/optadVeedmoLogo.png
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:ca00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b716981df17d43bef46a03ca1ea6a53c737b208f872498bea8a0fceaed077a2f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 05:58:35 GMT
via: 1.1 2bbc1f6dd26fc38478c686763c4fd1c8.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 11:06:31 GMT
server: AmazonS3
age: 10394192
etag: "d07132fb0cc704b474040b7075270e9c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=360000000
x-amz-cf-pop: NRT57-P2
accept-ranges: bytes
content-length: 1610
x-amz-cf-id: 8-GRpdVHKplTPxucNCWwLYyMBi3yqnth-uFxHJtJfOj7R7XczqGW-A==

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 560ms
254ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.projectunderstood.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 17 Apr 2022 13:15:06 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
186 B 229ms
229ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.projectunderstood.com
date: Sun, 17 Apr 2022 13:15:06 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 897ms
269ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.3&pbver=6.8.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
server: nginx
vary: Origin
accept-ch-lifetime: 604800
access-control-allow-origin: https://ja.projectunderstood.com
access-control-allow-credentials: true
uber-trace-id: 0000000000000000ba94610b0500092d:00fb763b39bfd367:0:0
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect

POST openrtb
adx.adform.net/adx/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
371 B 88ms
88ms XHR
application/json 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 180ms
179ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sun, 17 Apr 2022 13:15:06 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 237ms
237ms XHR
application/json 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7b2d26ed48767803c5413e110d6cc54ccbf04f4d757cc6c5c41723fd308640f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:06 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b85d84a4-7b91-4868-9595-05f2d6e459bf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.projectunderstood.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C83C 42 B
64 B 41ms
39ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOnCRG0tr3NtGSMLujeJLd2aVhuOjz4XpIlgunoH6tHnZaGqYm0o5JYtSXS4bk0p7nnxI5A8hKiCYQuJcS5qja_guSIUHbCpUaOoD-KdpJlrtnF-Q&sai=AMfl-YSsspXUArF-iN6AC0_d1bRFB0AdQifO9AUWro9Usgnl_Xu5kI3MHP9_ZXUtIcX4dMmAd4vQqkyP09pHiQlIb6CVB-Rzx55sqSmZZQn2vA&sig=Cg0ArKJSzF9VIt9YFqLDEAE&cid=CAQSLgCNIrLMhVPBsEpDTIwtL2QWSglodMOYSCL5SIpOJ7bOos8nQsXVAgvp-Gdlr4k&id=ampim&o=1012,291&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=189&tls=1190&g=100&h=100&tt=1190&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=403733244

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5B20 24 KB
9 KB 42ms
4ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9360
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 15:00:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:34:30 GMT

GET
H3 200 impl_v86.js Show response
www.googletagservices.com/dcm/ Frame 5B20 54 KB
21 KB 3ms
3ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v86.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 10:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 10:34:30 GMT

GET
H2 200 B9689862.280630144;dc_ver=86.252;sz=728x90;u_sd=1;dc_adk=2923430898;ord=y9k057;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fja.projectunderstood.com%2F$0;xdt... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5B20 46 KB
23 KB 125ms
77ms Script
text/javascript 172.217.161.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=86.252;sz=728x90;u_sd=1;dc_adk=2923430898;ord=y9k057;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fja.projectunderstood.com%2F$0;xdt=1;crlt=AxnfcmE45(;stc=1;sttr=17;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v86.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f6.1e100.net

Software

cafe /

Resource Hash

013ae65ce1b6a62bb74e8f9acb6674ac100a5477cccf4c02d8d08ff81f130db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22964
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4781 6 KB
3 KB 11ms
10ms Document
text/html 2404:6800:400a:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Mon, 17 Apr 2023 13:15:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1365 640 B
318 B 42ms
41ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeI-AIQxIeEigIY7Ie3wwEwAQ&v=APEucNXZOweT-hPNk1KK2Q7HwxKt0IVQ-EdYsM-gfY0xEgSTCcZ-W2_ztynTru_3cGND9pgCq8PSm6ucqAosW27pBzYsRAX9xQ

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:06 GMT
expires: Sun, 17 Apr 2022 13:15:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4781 78 KB
33 KB 69ms
68ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Abk9VUs9WqIEV1-GSZ0u7-MVczBFpm9fBaNEYHZ32y7Ld6eljQHUNHxfOy-vS5RHLeUYuRdvwiW5HCzstCVNgY2TV52A&cry=1&dbm_d=AKAmf-BUbn_ACj_kYgJSxdcsYOtKNfLfUuHCRDz5Ybp8D3V9RG7lw5e973LSq3Wdr0_s7hqGujbAOuewo6tyq2ChZvPNhmHMpxnPSOjtV2M-p7QSF2_zOrhaV_2tNrNjLSXk7X5RJZdXaYSxMKdWSh0Mh2ZNlmtb7kXvBIBXHcPwkRLBVdEpOJLO8UqtDEFn28cG4uo0lc88aN1NAq4DiTp_r3wdgRKRBTRdYVSTFsA_qD6d2YwgXt0ZAYAfUlPd14JIYjqobJLQAkFmnV7647TsJzqWB_zrhaz7KsjpgoPNyD-mvOnFKKX1RHJP2XjBf2CyISaRBAmz5gxcpHHBLrOwE9XOAS1jxvzXoh5fVw4xfSGuHdaYTczTnfe6w1GZeS63aNldMCW_UCd6tGUDJk8ooTRwLLx6Hk18mgeZPaNN1YtsydRZ5MgbwDJQCPxepyi0xIfNZxOo0ePNQiNaybDrNOeCL1C1bmFTigQqbRc8H2cRsTViZjH9Bptm5z-RqJf1gaai8kc0gRn5C3No0A4d6_N2KKvwTph8GYpBEKfSre0gg31Oiog9A6IAkZP1ij9o2AgaVfomNVvk6z3lic29UjYI6SV-1vkwTwxTUJpMYCeTggY0iDZHrQFK6Qt6YI7ztMGttyFfcBzD79pJH0knIBLRFHy2cn0ZrehXVUwbPMVLIuWemFj5Af4yIdUf2VSDlXp5-4KZvr6JgKZSBgqw8TZ9x2HfDnkxmBs2zFtkqeuN5Zg6CvATMeuXwehIyG46wpGlX5twlNc5NdzmLVlT9Z7l8o5rzDsHtIGoV9jMQ6mInWc7S1qhgDfRBKWfy62q7OD5Hoc13XPO7-vGKbPEw_CS7620j6P1YjP0N-UZ8yqrhXjyIUR91Gkii77kcr_C6kslS2nw9dhsqa7KJeSY5ezmWwB26NGiDVtIjaoey1WXNrdWrSdX2vi2XDN5GpzpXuceDRepe5vZljtv5egLLJv2QxScuGYArjnxm6pSm4CA4pkwR9_u7MmSr6F7Imw704MNFLv5hlZ0S1Mb2TgEJheS4DxAfeA-tH4BlNcUtqdg3HDC1lQ77__oROxLnMOpR3rl_kXluTK8AmEeujw0t-Od-J93s8w0FaYo5W0JUr_e-eHAWvxOYm0SBIxs5scohbVxMYX3FEFPBYhNHEXy69ymcCZwbH28DXcpVHRJ_gi7qaaWY9Fsn9l_V7RM0jyamQN0rVd61c-s1uoQsc2LjVCh0FAv4YMhbOXCmTsIEx4kHmpSLz5f04ZD3w6hSt-L62pR4mV7G3MyC3JOaf43fqky_20ai6t6G3-QX-D7O4aBwQQa1Uj-nafckPIAHSoq4HjhLbbWvL0lcwvkkaABl1vJh2IIP1_x8FI-34ohrGVYf_ykw5eHBuL1l2fe8rPjWSFMmXKTHSM_VJwf3BJvZqHolBZsh5MK5HOl6a-IuO4AGvidlcmFXIbM_nuNKZaHigYWZAqqcyaP1KnamjsxrlwPUSkN9M497tg0Aq8E03hEC8Uy9Axf7oNOrFsc9hmULBF_W-cppHKwtEan_NEcKEseJlMvgd_g1qCiAg1EjgtdtL21y3FQ0eMRz7RKgSqWsABnh0YqCne3oTYi-ITXCAO7v1Vk07DjWj3jB4sAQkVFvRQzJVZV87iBlhQpqWiqm7ziQocifQf828gjZxODo6uTBFFw6qyuITh1TBbNhtjDaaw6lgvcM_FRvC16uJNERfPdd1SuM4m3DjkeZ0c54DJMFm6KgDxoe4OoaOzev0tlNY9J8ux1rDU-9rzU8HFI9Qi5uznvjzLfoKU7JAhuPLTjsmvlBcdLsgGVRdeWLhzeuJYzFxnfnjhQNUqi5MJ1mWdF3EkhwOzro1qQ76l-66__YQDpQUPjcyrPQDbYMK89jmH-yFxudlSk8nkhWeRBc6Cm3u6_yMfoMZ_Q4E6lZpTQ35hz0pJPOo7-_GkHpdfaNjPjlnFDW47vSFaG-d0Y6jRrUpNPTbPpW_vxDSxs0I8Y1Gjrf1Gm5RMkGP8XZASRj6uKUmsMcf-Z0GOykKLQNBKdpY7esMTHFx0qp_DWwTvXaHc78397g4Wpl3p_d1Q5MUC5eSOl0nrMTllVvs78iMg7I4h9EJ6ZmsMkI4RALg9bSbjnBs6z-qhSITXl-wzhEAcpTjWvJS1Skbb-sxM-EaYajSZpbpOasZGhEORzvcHJvaupgU1365L9w2rTQIA3_q1vG71V8nEbyvOv0AADC9JGUkoxtZCCUvwe4MVwofhmxZqYXALq-isga0QJhRd4-T1d3-N8uS9jVTM2Ksh7UMOD7t95JRHGzZOabb7W3yoBINR-ZacKuCmXnrnIHC2ESR1uvrrV7qztCL6PWqKgZdwpwvgAIvq7C8nA0lhZ_kcoGQ1jFz0JmHW-Ol-pG_USJd4knyMqBF5aLU7kyweX_WH08cFAnEzJnClVqOH9Zo8pLwXX3y08E53dXT3BtOPKn0ifbqu4FTovHbJaCIy14cWlJu3RUhrRWLpLdw-XhF5nqfJGxX_BCpq6P0mPnSJpjEH0nWLzZDelfztEA8hl7rGia4GeEKCitVksNb6pWaAJbqevtMTM7t7JvuxtHaxK7c4F9FfbpS2XIVdBdI0KY_xKDZW5usiTN4Gts-C5OjohR-XCSKgDEzq7wF-vST1kcix6Ro-74H3f9pTi0FozGkuRwcmJ8nwznErOST-kpU-eebXsMz1wDH5eggBkOeizQmjShkRp36Trz9b-b-QGM9ZrWRhCIdyD3q_CPifRvGfWPA4FzZCOXzFXubB2HNd8sv8vDNdi09peDsabZuqUzb_FqXQVarK4Fwl9gipF9bZJa1uwY9GDPrfRNWEdf8_H22pguGnTtNW0QVzaVTCN7zpgvGLRlhLtG2fAjNHuLxPwdyp-AGMvJ2AN63bNNNlDsBopX8epzrjQEO-QojWzdMQPZA3vsmWos0uC8ZVLQdVKwn-f9yId5wunDQ9jKIFhXSEZ0vXUw-keyVYJgOT_XgFfQLCiLoGDtMdrYjQvCs1x_c4pmX85TFOzbgkCbb9rCJNvGYdllmT9y9GNU_FV2ySpE12PePfcHY180WGzdPmkUEj-JdJrcFQjX0g1TKfb7uFcQHoR_Mq8WcipClDIx2JF7rC9v2Zl1DnRj7Fv3r4UyMH9WmrqA_s7RW0mDV4dIw0bTDFsNsnFeIOjnfXDE1vdwEPuepKUg9mHf09vO1Of9Rhaiabv9rEExTvROTXBQII0ghxedOShk5U-A7Cjae2pymu--6IpM6xckPgHYqTAloKk9jT5ddERkOGKuGuRsb86CPMsgKDUYe7hdFV7fmerM9FJ4Ae486Zhe76Gsu2ao7dlzIawik7u2LZjQOsLwhrooSasHw3VpX-5bVHtqpwDgiQmzEGTUteQZahNezWRTZO3qGJtjgxYohyP2RuQTx0ISwi-1kH4Vpva6ZH33o2TXBHUr8zzlPvNGJmUe2sOAdc9Ug&cid=CAQSLgCNIrLMZsWGeSSKOnfvSaSEXl5UlPOG7YkhoXJiikXIOQ0ebykqI2CB34-GahcYAQ&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

e33e3b41c4e06825b6b7dd549cb94f3d03e1d89c22b84bd10cee46aef0f1bf44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4781 42 B
63 B 39ms
38ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxuHvYqYgEQxDPr1ekCvTNNSZO8mjLPCJaqq5Bivst9Q0B9wI4JZlWAR0FJsQ1SeEc6kQAnka-d32YoJHjdMN0YroF7wciEoSV2aOCmBEVhWmF6Bs

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4781 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4781 119 KB
36 KB 63ms
62ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4781 15 KB
6 KB 5ms
4ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4781 0
0 77ms
36ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQe9bQ4p8Qh56-YlhjUlPA7WQo_gNZOIzXIJ12GdWec1FrDFpKFlGkMm1-fbY-W7A7xmExB
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 5B20 8 KB
3 KB 4ms
4ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=86.252;sz=728x90;u_sd=1;dc_adk=2923430898;ord=y9k057;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fja.projectunderstood.com%2F$0;xdt=1;crlt=AxnfcmE45(;stc=1;sttr=17;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:13:01 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B20 0
575 B 86ms
46ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSXwgOdK5y1AzblyaBWA64EfsaGjRnC_uUTU6nw6pYUCBb7XQelX5q62NNYTFOJyFxvG1Um9MtcrEtybvKfEFOcrBvc0RAJknp9B2JiKHh06EFTQGl_-YY95Q1KDp77uWkFhIOk6oGAEc6-qU0GhxFAJ0E-_ZZkQ&sig=Cg0ArKJSzOymeQLCf5vGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220413.29348&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame 5B20 69 KB
70 KB 133ms
10ms Image
image/jpeg 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 20:24:28 GMT
x-content-type-options: nosniff
age: 406239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 20:24:28 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CB71 22 KB
8 KB 3ms
3ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 165646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 15:14:20 GMT
expires: Sat, 15 Apr 2023 15:14:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements2576.js Show response
cdn.doubleverify.com/ Frame 4BD1 521 KB
96 KB 3ms
3ms Script
application/javascript 2600:140b:400:180::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2576.js
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:180::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b9f6c3e0e65e7f2462bea66f011f7c7d024ad96c1c01595df7a26bdd561f2fc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 08:23:02 GMT
Server: Microsoft-IIS/10.0
ETag: "03768dbd84fd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98414

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B20 119 KB
36 KB 122ms
121ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:07 GMT

OPTIONS
H2 204 notify
ssp.wp.pl/bidder/ Frame 0
0 870ms
290ms Preflight 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/notify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: https://ja.projectunderstood.com
access-control-max-age: 86400
date: Sun, 17 Apr 2022 13:15:07 GMT
server: nginx
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 204 notify Show response
ssp.wp.pl/bidder/ 0
44 B 290ms
290ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/notify
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.projectunderstood.com
date: Sun, 17 Apr 2022 13:15:08 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1365
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1

43 B
61 B

38ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeI-AIQxIeEigIY7Ie3wwEwAQ&v=APEucNXZOweT-hPNk1KK2Q7HwxKt0IVQ-EdYsM-gfY0xEgSTCcZ-W2_ztynTru_3cGND9pgCq8PSm6ucqAosW27pBzYsRAX9xQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESELdCEANPJNCdEy_kVpPR_a8&google_cver=1
date: Sun, 17 Apr 2022 13:15:07 GMT
via: 1.1 google
server: OXGW/18.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1365
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY0MzY0YzMtNmMyNS0yZDBlLWVjYjEtNGMxM2FiZDMxNjlk

170 B
188 B

83ms
83ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY0MzY0YzMtNmMyNS0yZDBlLWVjYjEtNGMxM2FiZDMxNjlk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeI-AIQxIeEigIY7Ie3wwEwAQ&v=APEucNXZOweT-hPNk1KK2Q7HwxKt0IVQ-EdYsM-gfY0xEgSTCcZ-W2_ztynTru_3cGND9pgCq8PSm6ucqAosW27pBzYsRAX9xQ

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmY0MzY0YzMtNmMyNS0yZDBlLWVjYjEtNGMxM2FiZDMxNjlk
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 1365
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEX7_O02sKjmjdyYgpkDbNQ&google_cver=1

23 B
287 B

26ms
16ms

Image
image/gif

23.206.252.252
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEX7_O02sKjmjdyYgpkDbNQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeI-AIQxIeEigIY7Ie3wwEwAQ&v=APEucNXZOweT-hPNk1KK2Q7HwxKt0IVQ-EdYsM-gfY0xEgSTCcZ-W2_ztynTru_3cGND9pgCq8PSm6ucqAosW27pBzYsRAX9xQ
Protocol: H2
Server: 23.206.252.252 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-252-252.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 17 Apr 2022 13:15:07 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEEX7_O02sKjmjdyYgpkDbNQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1365
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODRhMzUwODUtZDM3My00NWQ2LTgwZjktZjc4MzI2MzZlZjcw

170 B
188 B

38ms
38ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODRhMzUwODUtZDM3My00NWQ2LTgwZjktZjc4MzI2MzZlZjcw

Requested by

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
server: akka-http/10.2.7
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ODRhMzUwODUtZDM3My00NWQ2LTgwZjktZjc4MzI2MzZlZjcw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CB71 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4781 106 KB
38 KB 68ms
11ms Script
text/javascript 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Origin: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 02:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Apr 2022 02:56:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 4781 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Abk9VUs9WqIEV1-GSZ0u7-MVczBFpm9fBaNEYHZ32y7Ld6eljQHUNHxfOy-vS5RHLeUYuRdvwiW5HCzstCVNgY2TV52A&cry=1&dbm_d=AKAmf-BUbn_ACj_kYgJSxdcsYOtKNfLfUuHCRDz5Ybp8D3V9RG7lw5e973LSq3Wdr0_s7hqGujbAOuewo6tyq2ChZvPNhmHMpxnPSOjtV2M-p7QSF2_zOrhaV_2tNrNjLSXk7X5RJZdXaYSxMKdWSh0Mh2ZNlmtb7kXvBIBXHcPwkRLBVdEpOJLO8UqtDEFn28cG4uo0lc88aN1NAq4DiTp_r3wdgRKRBTRdYVSTFsA_qD6d2YwgXt0ZAYAfUlPd14JIYjqobJLQAkFmnV7647TsJzqWB_zrhaz7KsjpgoPNyD-mvOnFKKX1RHJP2XjBf2CyISaRBAmz5gxcpHHBLrOwE9XOAS1jxvzXoh5fVw4xfSGuHdaYTczTnfe6w1GZeS63aNldMCW_UCd6tGUDJk8ooTRwLLx6Hk18mgeZPaNN1YtsydRZ5MgbwDJQCPxepyi0xIfNZxOo0ePNQiNaybDrNOeCL1C1bmFTigQqbRc8H2cRsTViZjH9Bptm5z-RqJf1gaai8kc0gRn5C3No0A4d6_N2KKvwTph8GYpBEKfSre0gg31Oiog9A6IAkZP1ij9o2AgaVfomNVvk6z3lic29UjYI6SV-1vkwTwxTUJpMYCeTggY0iDZHrQFK6Qt6YI7ztMGttyFfcBzD79pJH0knIBLRFHy2cn0ZrehXVUwbPMVLIuWemFj5Af4yIdUf2VSDlXp5-4KZvr6JgKZSBgqw8TZ9x2HfDnkxmBs2zFtkqeuN5Zg6CvATMeuXwehIyG46wpGlX5twlNc5NdzmLVlT9Z7l8o5rzDsHtIGoV9jMQ6mInWc7S1qhgDfRBKWfy62q7OD5Hoc13XPO7-vGKbPEw_CS7620j6P1YjP0N-UZ8yqrhXjyIUR91Gkii77kcr_C6kslS2nw9dhsqa7KJeSY5ezmWwB26NGiDVtIjaoey1WXNrdWrSdX2vi2XDN5GpzpXuceDRepe5vZljtv5egLLJv2QxScuGYArjnxm6pSm4CA4pkwR9_u7MmSr6F7Imw704MNFLv5hlZ0S1Mb2TgEJheS4DxAfeA-tH4BlNcUtqdg3HDC1lQ77__oROxLnMOpR3rl_kXluTK8AmEeujw0t-Od-J93s8w0FaYo5W0JUr_e-eHAWvxOYm0SBIxs5scohbVxMYX3FEFPBYhNHEXy69ymcCZwbH28DXcpVHRJ_gi7qaaWY9Fsn9l_V7RM0jyamQN0rVd61c-s1uoQsc2LjVCh0FAv4YMhbOXCmTsIEx4kHmpSLz5f04ZD3w6hSt-L62pR4mV7G3MyC3JOaf43fqky_20ai6t6G3-QX-D7O4aBwQQa1Uj-nafckPIAHSoq4HjhLbbWvL0lcwvkkaABl1vJh2IIP1_x8FI-34ohrGVYf_ykw5eHBuL1l2fe8rPjWSFMmXKTHSM_VJwf3BJvZqHolBZsh5MK5HOl6a-IuO4AGvidlcmFXIbM_nuNKZaHigYWZAqqcyaP1KnamjsxrlwPUSkN9M497tg0Aq8E03hEC8Uy9Axf7oNOrFsc9hmULBF_W-cppHKwtEan_NEcKEseJlMvgd_g1qCiAg1EjgtdtL21y3FQ0eMRz7RKgSqWsABnh0YqCne3oTYi-ITXCAO7v1Vk07DjWj3jB4sAQkVFvRQzJVZV87iBlhQpqWiqm7ziQocifQf828gjZxODo6uTBFFw6qyuITh1TBbNhtjDaaw6lgvcM_FRvC16uJNERfPdd1SuM4m3DjkeZ0c54DJMFm6KgDxoe4OoaOzev0tlNY9J8ux1rDU-9rzU8HFI9Qi5uznvjzLfoKU7JAhuPLTjsmvlBcdLsgGVRdeWLhzeuJYzFxnfnjhQNUqi5MJ1mWdF3EkhwOzro1qQ76l-66__YQDpQUPjcyrPQDbYMK89jmH-yFxudlSk8nkhWeRBc6Cm3u6_yMfoMZ_Q4E6lZpTQ35hz0pJPOo7-_GkHpdfaNjPjlnFDW47vSFaG-d0Y6jRrUpNPTbPpW_vxDSxs0I8Y1Gjrf1Gm5RMkGP8XZASRj6uKUmsMcf-Z0GOykKLQNBKdpY7esMTHFx0qp_DWwTvXaHc78397g4Wpl3p_d1Q5MUC5eSOl0nrMTllVvs78iMg7I4h9EJ6ZmsMkI4RALg9bSbjnBs6z-qhSITXl-wzhEAcpTjWvJS1Skbb-sxM-EaYajSZpbpOasZGhEORzvcHJvaupgU1365L9w2rTQIA3_q1vG71V8nEbyvOv0AADC9JGUkoxtZCCUvwe4MVwofhmxZqYXALq-isga0QJhRd4-T1d3-N8uS9jVTM2Ksh7UMOD7t95JRHGzZOabb7W3yoBINR-ZacKuCmXnrnIHC2ESR1uvrrV7qztCL6PWqKgZdwpwvgAIvq7C8nA0lhZ_kcoGQ1jFz0JmHW-Ol-pG_USJd4knyMqBF5aLU7kyweX_WH08cFAnEzJnClVqOH9Zo8pLwXX3y08E53dXT3BtOPKn0ifbqu4FTovHbJaCIy14cWlJu3RUhrRWLpLdw-XhF5nqfJGxX_BCpq6P0mPnSJpjEH0nWLzZDelfztEA8hl7rGia4GeEKCitVksNb6pWaAJbqevtMTM7t7JvuxtHaxK7c4F9FfbpS2XIVdBdI0KY_xKDZW5usiTN4Gts-C5OjohR-XCSKgDEzq7wF-vST1kcix6Ro-74H3f9pTi0FozGkuRwcmJ8nwznErOST-kpU-eebXsMz1wDH5eggBkOeizQmjShkRp36Trz9b-b-QGM9ZrWRhCIdyD3q_CPifRvGfWPA4FzZCOXzFXubB2HNd8sv8vDNdi09peDsabZuqUzb_FqXQVarK4Fwl9gipF9bZJa1uwY9GDPrfRNWEdf8_H22pguGnTtNW0QVzaVTCN7zpgvGLRlhLtG2fAjNHuLxPwdyp-AGMvJ2AN63bNNNlDsBopX8epzrjQEO-QojWzdMQPZA3vsmWos0uC8ZVLQdVKwn-f9yId5wunDQ9jKIFhXSEZ0vXUw-keyVYJgOT_XgFfQLCiLoGDtMdrYjQvCs1x_c4pmX85TFOzbgkCbb9rCJNvGYdllmT9y9GNU_FV2ySpE12PePfcHY180WGzdPmkUEj-JdJrcFQjX0g1TKfb7uFcQHoR_Mq8WcipClDIx2JF7rC9v2Zl1DnRj7Fv3r4UyMH9WmrqA_s7RW0mDV4dIw0bTDFsNsnFeIOjnfXDE1vdwEPuepKUg9mHf09vO1Of9Rhaiabv9rEExTvROTXBQII0ghxedOShk5U-A7Cjae2pymu--6IpM6xckPgHYqTAloKk9jT5ddERkOGKuGuRsb86CPMsgKDUYe7hdFV7fmerM9FJ4Ae486Zhe76Gsu2ao7dlzIawik7u2LZjQOsLwhrooSasHw3VpX-5bVHtqpwDgiQmzEGTUteQZahNezWRTZO3qGJtjgxYohyP2RuQTx0ISwi-1kH4Vpva6ZH33o2TXBHUr8zzlPvNGJmUe2sOAdc9Ug&cid=CAQSLgCNIrLMZsWGeSSKOnfvSaSEXl5UlPOG7YkhoXJiikXIOQ0ebykqI2CB34-GahcYAQ&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:13:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 4781 25 KB
10 KB 4ms
4ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:13:36 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 4BD1 1 KB
1 KB 494ms
99ms Script
text/javascript 69.174.120.29
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=67&ttfrms=24&brid=3&brver=100.0.4896.75&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETar9EEADTbpTauTau3hc3%60fd4c6dfec%606a5dc3%60_27fa27562%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DAC%40%3B64EF%3F56CDE%40%405%5D4%40%3ETaufcc%5CH%5CD%5C2%5C5%5C2%3F5%5C2CC%40H%5C%3C6JD%5C2C6%5CDH%3AE4965%5C%3A%3F%5CH%3A%3F5%40HD%5C%60_&srcurlD=0&aUrlD=-1&ssl=https:&uid=1650201307079374&jsCallback=dvCallback_1650201307079303&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2576&tgjsver=2576&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=5&brh=2&sdf=2&dvp_epl=427&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jpWJHJgk8h81oKFD0Kibph&DVP_DBM_1=3060631&DVP_DBM_2=24867963&DVP_DBM_3=15215464750&DVP_DBM_4=396404362&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1184590230446&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=588520331926.3439&dvp_tukv=585641682.9786801&dvp_uuid=219008976231.0444&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=147415564618
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.29 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: te4-0.cr1.lax1.us.packetexchange.net
Software: /
Resource Hash: 900a50da617d9c7eb1958addbfdfd14292d419eca86faaef62a54167a2c256cb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:07 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 04/16/2022 13:15:07

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame 6259 39 KB
9 KB 644ms
492ms Stylesheet
text/css 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/player86.css?s=1643493341
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: af8552f8f89335283643dba9dabc3d9827c15c4635a2eb9a3041d0ee0329a115

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
last-modified: Sat, 29 Jan 2022 21:55:41 GMT
server: XO.webservantpro
etag: W/"61f5b7dd-9cab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Thu, 03 Nov 2022 13:15:07 GMT

GET
H2 200 general.css
cdn.onnetwork.tv/css/websites/optad/ Frame 6259 616 B
466 B 644ms
492ms Stylesheet
text/css 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/websites/optad/general.css
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: 60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 07:49:33 GMT
server: XO.webservantpro
etag: W/"6240170d-268"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Thu, 03 Nov 2022 13:15:07 GMT

GET
H2 200 adblock_notify.js Show response
cdn.onnetwork.tv/js/ Frame 6259 25 B
338 B 644ms
493ms Script
application/javascript 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/adblock_notify.js?s=1650201306
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: 8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 15:40:09 GMT
server: XO.webservantpro
etag: W/"5f3bf659-19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Thu, 03 Nov 2022 13:15:07 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6259 85 KB
31 KB 45ms
4ms Script
text/javascript 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d7cd7f9e1951cabf780b0e5d5bdbe15f69c596ca7e899529a37593faada09d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31532
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 23:47:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:16:30 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6259 376 KB
126 KB 109ms
69ms Script
text/javascript 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3da958535a6188b8270a226a4602561a9e6bcc0fe31a5b7ce735b84de07226a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128424
x-xss-protection: 0
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame 6259 315 KB
93 KB 43ms
37ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2346799
x-jsd-version: 1.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA, cache-tyo11980-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TWVeoWaXmWAgKx%2BdMP55FiTL7a0wM%2Byh88oXn2P4Hc9RgiQXsZd4LcxuZ7JPCWp1dH3mAMQD0d7SjxWHnGshxHEEk7nXbRHMgYoi6WoWC%2FcGzJhrbCL9%2FOMw5OvPb3Uat4slWbCNawlg0ZC1%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fd56d796c3b80d5-NRT

GET
H2 200 player86.js Show response
cdn.onnetwork.tv/js/ Frame 6259 101 KB
27 KB 644ms
494ms Script
application/javascript 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/player86.js?s=1648655722
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: 66d43b103ba75ab7e829c4c7b4eb129f51c64fc268ce3b3d753458daae5b622b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 15:55:22 GMT
server: XO.webservantpro
etag: W/"62447d6a-194e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Thu, 03 Nov 2022 13:15:07 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B20 0
26 B 79ms
44ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4781 41 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 02:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 02:11:44 GMT

GET
DATA 200
OK truncated
/ Frame 4781 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d988696e4a36e0ce7af2d5b5d6b5a08c7aab35f718cdb596d76cba61bfaad6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vpisqv54s.js Show response
cdn.krxd.net/controltag/ Frame 4781 9 KB
3 KB 20ms
5ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/vpisqv54s.js?campaignid=26702175&advertiserid=9822641&placementid=329848748&adid=522065515&creativeid=167551254&siteid=6398920
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 251442df8a82e08bba7c62f7f42567fc2c12b9ec729c361ff713844d91188cb3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 17 Apr 2022 13:15:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 985
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3300
x-served-by: config-service-a001-ash-prod.krxd.net, cache-iad-kcgs7200021-IAD, cache-hnd18735-HND
x-response-time: 0
x-do-esi: esi
x-timer: S1650201307.195741,VS0,VE1
etag: "e2fb73a8d47250a2ff453b0fb6b6f07277bb6cb4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 vo30wa36j.js Show response
cdn.krxd.net/controltag/ Frame 4781 9 KB
4 KB 20ms
5ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/vo30wa36j.js?campaignid=26702175&advertiserid=9822641&placementid=329848748&adid=522065515&creativeid=167551254&siteid=6398920
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fec591f247e2ff06efc12644e3401ae42e5061c229b9cb5b8556c9ef99123c07

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 17 Apr 2022 13:15:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 985
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3320
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000123-IAD, cache-hnd18735-HND
x-response-time: 0
x-do-esi: esi
x-timer: S1650201307.195801,VS0,VE1
etag: "cfffd1a5cc025c6187b5e1fba6f4bdd671658dd4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/ Frame 9EFC 66 KB
18 KB 61ms
10ms Document
text/html 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e06dfc2f3b55c5524137bf065e351d41c821f63749aff3b99a450e750cc6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 453520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18147
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 07:16:27 GMT
expires: Wed, 12 Apr 2023 07:16:27 GMT
last-modified: Mon, 28 Feb 2022 11:31:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4781 0
27 B 48ms
47ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJnFN2tcDMwFcg3skoEVpeb5ETw19pPDD05YBimMNYlttJDpdRpyg0fSKtodXjBwQaI-UIjFE9SHRI09LOM_18oSWpstcdoCnXt4fBLZB5fusImOYEWpREMzRevCGBoQtPz2CJEytRalXQIqTMFwFeB94jSNuHnqON6NfxMfsKD5EGGXlgZ6zTEaHaJs2Rx6DIw_eaLypKr9Ezh2iDFv2-ZePuIjtgaFYyDSth9GHB9kzz6I0N38jW40MnuJC4WheStdQ7KpFGaUm-BSCPtdLV2cc-5LH1urdIkCZcpm_ZJ262AUj9LtRrhLM4ecOX_DCOeVKmkjLSKhpqI1sFL5YsP7FCrHeeUyafX97zRYxfvao1nqUeMyRkwykHxZrwixR27nCbYB0ZTiSsTYUDBCp0ZSM1ypFxF6vc21nqL6psouwvBryX1hBssfKI9RzGoDr2aSZz0a-eSg_-FfUy4tddE8KjXnf4ulmoHvs2UfAknwBUc8UG-_ywdjfJ7XsMEku6_390H98ghkukCzFJaJQ5zp9os_1DEde6NW4Ka8V6Pvymwn5jNdMzQAusNaPc4nmIy0Jis_8nSjS080uL2qxaj15AfiXAKu06u5aClt1t9kJ5GnudnkVqL73NRwUfb3E1A4khqd9nR00M51E0uEupA13fYWuboa7Lio8wmFYi0mzEGTa9IdVTXE-cuHpP8vkckPhe6wjIpVp8yAAXGYEqguhhKB-hggTl2oDKJ7ag5IxV1O76WqUj7PIuTBWxAYbSBTZYSXvOW4NBFQylOlUpaFtJNgDbRm2-KRHA2rkV8hcpvvC5z9R2x0loULG8vfAcuTttBizvqkctTANCqyTA13dJG9eqxjsOHTzfspt-cvaXisscU2VOkQAJFqfLrcvtEb0mLX6m32RQW8WFviUi3GPaTpvdsQSTQ9-Z_9M5DR-mptBTkQPfnjLGxifHVrnopQrm_TkA21IA-8QY89MXfFwglaoM1x-p8fHR5o-hT9jkngtFRes3SjtoYwUt0JcqquQrGtlyquxuy77lyF8V_10t6M0dpQSG3V_jWioezImBgsh91tO4qebXat0NGyBs_CJyVp5OPJ3ND1ogmf-mJYsxuRmsJOQryJ3TwrljV2lS8q8NLKtwwDiyXMP8jT9D5c6VQ6Zlwh93gy-aVw-IZrZxO2V2yZq5azEY0EJmUAZq5l1MDKKsl-C9L8edSkk2Dn0NNaUUPXyWMPRkTIATe3riy88Iui_kitHCo6Qksh0OjtJXoEpqCGnL&sai=AMfl-YTW33U0ZgyWcYWmgonF5Psc5EOM0B7-OIi6Mb-ofZkvLtOs2IZVhO8EpEy-c1mc60r7ZeX6NvT9WFqBbZB-BfzUSmbJ7HrNM01UG3g_GsSp2pe8kxaVMga8wNnbDy0p6cNpJGIuKfHz6xKek0DMph_dR02avd-gdDQTLuWbp8_WAlvJPCkVnOaY9U5GjVv17_Cx9Lf0gwl8N2CmYFcBVN7qmruH_nKkcHN5lL3-mJBE&sig=Cg0ArKJSzPf0AogZ-xVAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=131&cbvp=1&cstd=129&cisv=r20220413.47925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 17 Apr 2022 13:15:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6FB0 22 KB
8 KB 4ms
3ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 165647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 15:14:20 GMT
expires: Sat, 15 Apr 2023 15:14:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B20 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01f6149123a63544bc6137a864cb3aaf6e448757f62f89c160c50e6f7026e6bb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 notify Show response
ssp.wp.pl/bidder/ 0
15 B 291ms
290ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/notify
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.projectunderstood.com
date: Sun, 17 Apr 2022 13:15:08 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

OPTIONS
H2 204 notify
ssp.wp.pl/bidder/ Frame 0
0 675ms
290ms Preflight 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/notify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: https://ja.projectunderstood.com
access-control-max-age: 86400
date: Sun, 17 Apr 2022 13:15:07 GMT
server: nginx
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response
cdn.krxd.net/ctjs/ Frame 4781 259 KB
83 KB 2ms
1ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vpisqv54s.js?campaignid=26702175&advertiserid=9822641&placementid=329848748&adid=522065515&creativeid=167551254&siteid=6398920
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
age: 1386709
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 217729
content-length: 84741
x-served-by: cache-hnd18735-HND
last-modified: Fri, 01 Apr 2022 11:47:20 GMT
x-timer: S1650201307.223073,VS0,VE0
etag: "f5d7048d3841bccb4f5d92333c20b066"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Mon, 29 Mar 2032 11:47:19 GMT

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FB0 35 KB
13 KB 5ms
5ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB71 0
20 B 44ms
43ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW5t72hJcYp3qNtWT8ALfvLLoCwAAAAA4AeAEAg&bg=!oKOlo-fNAAZvJBiFTyQ7ACkAdvg8Wi5E9opgvKUgWi7XW1Uqz-nBUmGkiZOOTC_Fy-3zDnVTYD96fAIAAACxUgAAAAFoAQeZAvDwqeSoNeqratHTwJmYaCxFaHXYTUakYYCSouo7Lrl-BUE09Qf8M1ZeLqAo4Wnr5BK7qmnEjG97rpJwrPcFMe-wieEiGDa-BZkFaL2SZaBOgr5SlnkKT1NcowZ_rKPrIoxqLGzw-HFy03zy0Y6cmrSy-OGjGIAto-jVic5MwVVq_ueC9WXOLIIqyToDe2f3TEeq4H-jY2AV7QHo6fmRcA9kQYDLkdJvvnHHhR9Q3q_QyF_XAPU3GdkbvFJ_4Ql2v1mW2MzEYBMxGt2Uz5BVraZQ99V-O5hxuUmn8EK33w9vcO7teJGa4TdLshzoV2ajPcNgMAqT4lDjHsktJfV61M63th1lqKmcnNb6KhP40dFJmz3v9YKhs0s_r3nO7qNQZ661Y2W9qUaueybxfNTpTniBaerhYmPmLTCvUU0JeN4CQWoIMDe6OdplDOFa38qG_5cK0XtSidsDvKMysPjwO_XAGMBMpW4EoOhQsszK7_nHQ7GweWO59h3jXQlbV2iRBrkXRWfIIO8iYhxUPheCZPCAYj3t4qUBpUUf9bRVuB1qLnv1v5HiIippF1iedhkdByon1bvQUKWFsH4V3w4WrJFFAh0c9mwyc0xjo7_5-3vKiLQ0idgJq-wVwxPrvwA4_kajIuG2cF8w_2Ucm_-NWLiHK4rsAujHij1Dt-peUzqgdUJ53Xdmo-9pA_4lriX7OR0TpMbyHXAFjzOR5zYiruqiwTnnF2ivrDhAQ5XA28ywbB5bQR77yZHsSwF0mD_13twG2DT0A_XrSC-2Xqi_skMuYZscBuIP-SBu_janpgoAZyjfTXMIIuvt3rSobwmclcjc3ljogw4ucz1a7D095B9CFJTmxWHCmvrpTM_bHEY58mkUbFWziMSa57HhTgHzjLIhZOCriWUGtWwpqUeYFJjcR9bh86SaeeQ7t2TAHDQqOXd4Rj6JRAqRYV5vNJt5w_jLGY7iSVblzMM5uqu7174aGY_EcjA7NOuOLfihzNsQrQ

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 4781 0
337 B 535ms
129ms Image
text/plain 54.69.75.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=26702175&advertiserid=9822641&placementid=329848748&adid=522065515&creativeid=167551254&siteid=6398920&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=e67bf852-690e-43c6-ab85-19a05c0f44e3&confid=vo30wa36j
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.75.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-75-135.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1650201307
x-served-by: beacon-n010-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 4781 0
336 B 529ms
129ms Image
text/plain 54.69.75.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=26702175&advertiserid=9822641&placementid=329848748&adid=522065515&creativeid=167551254&siteid=6398920&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=e67bf852-690e-43c6-ab85-19a05c0f44e3&confid=vpisqv54s
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.75.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-75-135.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=78 t=1650201307
x-served-by: beacon-n011-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9EFC 29 KB
10 KB 10ms
10ms Script
text/javascript 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Apr 2022 20:24:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4781 0
26 B 42ms
41ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJnFN2tcDMwFcg3skoEVpeb5ETw19pPDD05YBimMNYlttJDpdRpyg0fSKtodXjBwQaI-UIjFE9SHRI09LOM_18oSWpstcdoCnXt4fBLZB5fusImOYEWpREMzRevCGBoQtPz2CJEytRalXQIqTMFwFeB94jSNuHnqON6NfxMfsKD5EGGXlgZ6zTEaHaJs2Rx6DIw_eaLypKr9Ezh2iDFv2-ZePuIjtgaFYyDSth9GHB9kzz6I0N38jW40MnuJC4WheStdQ7KpFGaUm-BSCPtdLV2cc-5LH1urdIkCZcpm_ZJ262AUj9LtRrhLM4ecOX_DCOeVKmkjLSKhpqI1sFL5YsP7FCrHeeUyafX97zRYxfvao1nqUeMyRkwykHxZrwixR27nCbYB0ZTiSsTYUDBCp0ZSM1ypFxF6vc21nqL6psouwvBryX1hBssfKI9RzGoDr2aSZz0a-eSg_-FfUy4tddE8KjXnf4ulmoHvs2UfAknwBUc8UG-_ywdjfJ7XsMEku6_390H98ghkukCzFJaJQ5zp9os_1DEde6NW4Ka8V6Pvymwn5jNdMzQAusNaPc4nmIy0Jis_8nSjS080uL2qxaj15AfiXAKu06u5aClt1t9kJ5GnudnkVqL73NRwUfb3E1A4khqd9nR00M51E0uEupA13fYWuboa7Lio8wmFYi0mzEGTa9IdVTXE-cuHpP8vkckPhe6wjIpVp8yAAXGYEqguhhKB-hggTl2oDKJ7ag5IxV1O76WqUj7PIuTBWxAYbSBTZYSXvOW4NBFQylOlUpaFtJNgDbRm2-KRHA2rkV8hcpvvC5z9R2x0loULG8vfAcuTttBizvqkctTANCqyTA13dJG9eqxjsOHTzfspt-cvaXisscU2VOkQAJFqfLrcvtEb0mLX6m32RQW8WFviUi3GPaTpvdsQSTQ9-Z_9M5DR-mptBTkQPfnjLGxifHVrnopQrm_TkA21IA-8QY89MXfFwglaoM1x-p8fHR5o-hT9jkngtFRes3SjtoYwUt0JcqquQrGtlyquxuy77lyF8V_10t6M0dpQSG3V_jWioezImBgsh91tO4qebXat0NGyBs_CJyVp5OPJ3ND1ogmf-mJYsxuRmsJOQryJ3TwrljV2lS8q8NLKtwwDiyXMP8jT9D5c6VQ6Zlwh93gy-aVw-IZrZxO2V2yZq5azEY0EJmUAZq5l1MDKKsl-C9L8edSkk2Dn0NNaUUPXyWMPRkTIATe3riy88Iui_kitHCo6Qksh0OjtJXoEpqCGnL&sai=AMfl-YTW33U0ZgyWcYWmgonF5Psc5EOM0B7-OIi6Mb-ofZkvLtOs2IZVhO8EpEy-c1mc60r7ZeX6NvT9WFqBbZB-BfzUSmbJ7HrNM01UG3g_GsSp2pe8kxaVMga8wNnbDy0p6cNpJGIuKfHz6xKek0DMph_dR02avd-gdDQTLuWbp8_WAlvJPCkVnOaY9U5GjVv17_Cx9Lf0gwl8N2CmYFcBVN7qmruH_nKkcHN5lL3-mJBE&sig=Cg0ArKJSzPf0AogZ-xVAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&vt=11&dtpt=122&dett=3&cstd=129&cisv=r20220413.47925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 e67bf852-690e-43c6-ab85-19a05c0f44e3 Show response
consumer.krxd.net/consent/get/ Frame 4781 238 B
434 B 162ms
149ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e67bf852-690e-43c6-ab85-19a05c0f44e3?idt=device&dt=kxcookie&callback=Krux.ns._default.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fcf177cbbaaa5b5caebd057dbe318be96b511e76ff82b983f2fdc907607224f5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-pdx-prod.krxd.net, cache-nrt18322-NRT
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650201307.328481,VS0,VE144
content-length: 195
x-cache-hits: 0, 0

GET
H3 200 03.jpg
s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/ Frame 9EFC 33 KB
33 KB 10ms
10ms Image
image/jpeg 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/03.jpg

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c197aed4b4952c61d48852a91b32d10a1786e706a5bf6e02cbcc8eaf0f47313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 07:16:27 GMT
x-content-type-options: nosniff
age: 453520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33909
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 11:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 07:16:27 GMT

GET
H3 200 02.jpg
s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/ Frame 9EFC 31 KB
31 KB 19ms
19ms Image
image/jpeg 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/02.jpg

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55fd23717a71e51718d8348d519dd7e8a91e386713ee5d7bccf13ffd08170e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 07:16:27 GMT
x-content-type-options: nosniff
age: 453520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31673
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 11:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 07:16:27 GMT

GET
H3 200 01.jpg
s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/ Frame 9EFC 36 KB
36 KB 16ms
16ms Image
image/jpeg 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/01.jpg

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

077f1a8a9da5dcbc4e3a92c0e69685c48245d06a771bea49562e42ab15e079b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15328689055919431265/1000XM4_mar_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 07:16:27 GMT
x-content-type-options: nosniff
age: 453520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36457
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 11:31:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 07:16:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIetE2hJcYvf6O8WZ2wSv4qvoCwAAAAA4AeAEAg&bg=!R0SlRADNAAZvJBiFTyQ7ACkAdvg8Wm4XtGZf_YnpHW9zT962tFuciKT49_OMgbmbyJw0UhXwxcov3AIAAABkUgAAAAJoAQcKAE5Kp9SbIunDcpaMvaWlK5PfpYVgBJphKalEN8iKYW2kVElp6cHHTvrk3b-qXMbSWGaoLbgv7UBcT2UdFygMbl7diEJQ8wvAQvdeOFeE60uZAvBBPfwksqgmk24aAZKUxz2WRX7JUF2piPzWohB-FohKUGqmUytaMOsXrxKVnNG0ufYtjqBwqn88l0FwTxTUoOdgHeGMak_9q85T80MXcFbv9tTC4XbMrJSsnSYI3bxiphZBlJxUJHMoqp7V5D2rOyC3df8zGHK8D3UPDOckWjXKMgkrSARY3g7xtDFeS-UPdcj7eIO-9HKrl_VMR5ck-b8_TdzDfq-zuZYKCGHfbFvrSOqAQU5T4QU3jlYvhRZXBJChRGqMfQkrEm8k76wJUpMYXLGge_8wBk4cnpnZb8lNeX-TpRMno9KUDXGR8YsaRy6YbTrE0ilBEtqm28m8psiXF9mgpAydUu7avzteLbFpNVO1YyM2ud9FoJeQDBVLy-yqhZuNB8sQzGiT0CQ1RXOE1ZgFfj-BhMYU3pV89oON9Qb81vY-uhYBxxt7CSJBaL7_hYbvv0cJDf_AUkSgy0ZGpfCuTb18j3u-NEQnv4skX0gvDq73LtyQoC0p8VeW-_IGYTL99hwUBNGaHr2210eOx8TY51nJhIKIwwkIFkuDqXxmdFE9_1J3kseR-PIe8AuI2Qe3g9sG1oobLKcw3QUPKLIdzN--WaeolhDt5ElRiEwrSyu5B7pfbReG_84q11BpoNvQay0wL4umi-EPFPVK3U0ggjFdqwias9W9wwtYb27qVkTUDIZ0Fyry43CM2B7G8Q_YKK6xOCCuNxCpDRr5KCe1nDAzU6lQ3f3MQdHa63PefaVg00lu2YuI-aDlUU5Der3kfhhzSKu7mcBol0XaoZ6jBHM17FXcdXdunqGmsOX_z9kPJoYBFy-Isugv_ILs6cndREFEFOKDjpOX2oM4ccQbtEbUkFOJ6dfCz2gI20mP1BcVGnwovp3pRF7IEtGxrJEmjaiDCPAmxZ2O6kD4WatXAaz7ontAORPmQVZZPCP2m3_fYsOpFEb4-xknol9zBN20VcyBGqvh08UYjzGyASFtdxyLbeTuqi3ruQE5fA

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA5E 6 KB
3 KB 10ms
9ms Document
text/html 2404:6800:400a:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Mon, 17 Apr 2023 13:15:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame AA5E 4 KB
634 B 79ms
42ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 11:53:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 13:15:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CC43 6 KB
670 B 92ms
66ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 11:21:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 13:15:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CC43 2 KB
904 B 5ms
5ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:03:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame CC43 19 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CC43 3 KB
1 KB 6ms
6ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC43 119 KB
36 KB 43ms
43ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CC43 15 KB
6 KB 6ms
6ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CC43 0
0 74ms
36ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF2oL9vPHBWjE2xl16od_2gWTIOKcp1qlV5Pu8LgcRhin2nzQvCmA4wSyi4bER3-iwrlXZWZWIKrPQrW2pOIRygGHbHg
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame CC43 29 KB
12 KB 48ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 05:42:01 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame AA5E 19 KB
8 KB 5ms
5ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 12:59:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA5E 205 B
520 B 45ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 23:28:49 GMT
x-content-type-options: nosniff
age: 567978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Apr 2023 23:28:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA5E 604 B
696 B 45ms
3ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 19:32:05 GMT
x-content-type-options: nosniff
age: 236582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Apr 2023 19:32:05 GMT

GET
H3 200 container.html Show response
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CCD9 6 KB
3 KB 10ms
9ms Document
text/html 2404:6800:400a:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:05 GMT
expires: Mon, 17 Apr 2023 13:15:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 415A 256 B
174 B 40ms
39ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY84z8rgEwAQ&v=APEucNX841aC80MUh1-OGyMQjniJl8ws7AjaGCRyLbFbivICHrdSrPRC7yVacm3P2jFSyARSXq0xGSOPQ3ov00Y7dlRSk6V50Q

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

02e390f500bf5776b062eef6a874e7b6380e46003d34c369ac0246e74900fc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 151
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:07 GMT
expires: Sun, 17 Apr 2022 13:15:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CCD9 14 KB
10 KB 72ms
71ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfTdeH4wsbtwvRB5XFePC1UHRexBYBCMqhY8NQlpmY-edGk6x5sRZ_oigT_38TUSD5-JFm2dWJYsCR0WHsrVLI6hIQKSkJcXlojSWvLQainKMiBrvH-ko7T69QhaoSO5oFg-AFbir-4_MOWeSiLElb3-SJUg&dbm_d=AKAmf-BoQMioL6dldWFsDdsmEwdXYF04mqtgznd0798c5ua86bfHgYwCiwwX2M4Nn22khX0WEu0inVabasnFfcpNQ5y2d_u4n0ZgFzhosKev2MTuyJlqfh4FnKlrG7NQ-lpMykX14lQzquck8nuMX6n6_-MPoYoeajSFXp9obQIr7z8L3f_KWBYI9TM0SunqprP1ZfjonUgfg3-612H44pU9altBd5s2Y-J3fyJqdSQ4feJAKR92fBtZ1UsxKaNlTCsFw-B47h0II-GqgZmeQ2rnY1-__8Xd2HIx5gGFVpLXPAnOVnH_Tghg1mF1xVMbwmZaPJSn2np1zO-iYR_khS2txy8tiNIt86YoVbBxIpNUfAjDsZIaC2WMYYqMvXj71bXkukFwGz7z7pZp-B1MESOFF0Lb3wRflMdSXTk_8ViG31COiyYf8Hs8VsV2tYQPYL8qZZOl4igOt3oRuRfWs0HEJUPudkDeJq0lqSoLSO10FTwvrcdRWyIgWsowLu_8X_w1eUDVu_Z3OnO0Pp86u2ICbuCDsESPeM33Pxht9bTd-Jiqk87scu_N5985Du5EnB5yLJ52Hg0hbvhZ7EjGjJfiGfVlqKdjtovqUIJ7SgYV0B9pcLaclhtcNrTwKMIRtqkpB4meIo5rQAnqp4ogGzrG3zC453iNp7xhP-qf_b0z-4Ib5b45U4WanbVYjB0tSLySdvjtBI0KZDqh5NboOeR8DPNewd8m9J7qcsQiu4UONF0syArr28Uz5KXOy0_a5rf4t8dFjlBFxEnTUeejcjGHzN7HfA8kkawJt_kmFl_OxiLmJvtdl8Gw5oZplMbEUlCFgggBkEAmLiT-LH865VGlCmwNdSSsbMaLrpjKNQ2jZNTBTIYucwUPWuiH6LC05shUMKrYHIxIPlY-b1Xbnb5rzGeF7Y5SEGuA3uh2hRh5sccdftgHgBM1SyxA3NVaRgPzwjiv0qNjaFJ-drjQuOtOdRi7CISc0psm8m0_knjnGUiTAokUXLaBGTWAa_1Tb9LqzUr4c3ewzUpEkJ2GLpAV6EL5CVFc4oT5asxeYwC2Z_JmA8hZ7WGX6du6t65wLKk1GzwiCIDVmyuAKrQ3bUwhHXA1YmMGZTmsbj1ZNtkiwdNYwfcZt9leEkJZktfziwK8X7cfW49KO1B7WTlspRQEzPmfFF_iuebC_I-PW7CjkMLmg80HtebnPEkpMkMvpwCff87AWBaIQPMwkzOLKiW6mqegzL7JlgTdAAtd10Tzb4CaNgCCB6l8y-IE-Z4_8zg0XcXemfsLhEle_K9IAh-jDDS8VQ18joCouO4fzHlX0qkOj36fbBwis_S0d4-_IhdhRsepe49OiSge3dID2k7U_a6PprK3_iQ26CNttB-PEZvNKWNERF2GxyIa4pdxNwqGHCOX0jUzIZh-avmYloaM9T_FhMZm6EPlD9wgsaeuN_oLc_yG75OJpAhuh56eO6TVHw3k7ErwGSPF_pdlKjSYWZ9CyxfDZG7pW3kJwZRJJ0YoudJqSeNJ4dNuInu-XguxuJsP5itYN53g1DvawJ9J_DEt2lKCWxyWr5wHIDUnwmPuj9YPN4QVLgGJqcjSGu5ZsFFBYdwfLpEFoF2wAj1fvT6Eoy4agHp_TeePI8R2z-goRlJz2R-4xBK_oCwvFviZL38w7YexlKUlp0K02Z9LSyA3Mg5EdJvIHDagRkx4WQXufVUd9SXpbfnLm8ZCO18NL1QriLdMIPS64RTxSE5JnQwjYy7GCyeMyivxvfXtxH2Xkheb1y41HF0oqc2iR6BvJCv33hsJ73zxCNWRBtnGgTCN20zIHEhH7GsbY4w6BWkgxEK3nPrDgRc2zD9WeMGHKy75ta-X8VUEEYQsWjwMd5Dql1ByKj9RIE2DXL0ccqFa9BMz5adGgi3BlM_CqYSNhZv7DVVu7CjHpvHmiDxKitPpgQDCf6ZhV2aT70YTkAuwwvEWktYKo70iWzOYctggbqN8-KGQZuL3U9RZ5cYzuQA_nrztokSD8ZgvXKp7T7RyeujPYPhziaz3wD8egMv0ztKo2mqGT7n7DBflpt7WXcgRGagWisKb_-2pvFWed6f4eJMWHLy61cfpjJZkPw2aA6Vg5yMDx88dgnewHqYbDYbGTYYH-85aBAcSqwPmwtt5ZCQ4_6AHvQ2kOlz3VBNxzmQwr1spNXTe59RJp6WV8skflpaZD5Hl52RfT9uCiKy8VU1ZzdgmrzUm4IspHX_xEbo5VOWpL01whRc7HT1fbFQuztBjIGZUCW3NXIYxyOYlTthvdGO1GDpPkIBLpv1p9pCzG_pYkfGmchNOiLr2rmLOunZ2aMymrF6y0Fwiz9-wwejzce9ad_JzroEkwUpWCZGLf3g55zHCprQE8elK2XtXuown-DbSO1bknjhfma4y9ZDmYwEt617zcISCI_1Xet0T6IwoqfiB0z1zhQVMPkaTZxK7l9WEj_dj5HJCJeUdDklLENKBqIt4x_QvT2YufRwt3RSGvgU2uvPD-zR1khAsz2yiXzbs0lw-RPBmuYGyYrRAl66l0SHBuCl3W80Qa2IoXB6CmDmu0pVqnsba7AF-OxbY3WaEitrUZb4WrBTi34r4ODLZNU_aM-kSqck7kpk8NQIZVVfzBs-6g7htIoJByO2j-jN0aUQXkIJwXZ9ZDaTDblKzkyxTi4HkjiW4PulahbCJs0uKsT-v3gk4N46AOYx1HQMIfcbCLwujY5ALhvTMiMB4yDqkB0rU9pR6W-clsyGtNg_QeSMRM6urwR2SPGoHwWf5q__AjmOEsUaFus__xbhUyV-x1PiYdsO6ZAfhbhrWn-OWL-DaCkVG85-S2cZm5nsREw8ownLUOLJHrmVtvzDAgD_xRX7_MB0gggepU6zD&cid=CAQSLQCNIrLM5HDmnFf9ySIGYO8RUtzjAl8YJmGmUNnrqxVimtWlevyHJ5AFC9PxPhgB&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

131cf2c1b0214a0b495616b015e8c282b9dcb87578387a298dc0e1397b4557ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCD9 42 B
63 B 37ms
36ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3lKwb1vGi8Kd2z87aIBPjneVX4cSdkSra42w_ORVkOlElJjo26387Gp_ZTdwrHiwqTSCS8ZI3ofsRl4_tvJQ-qP8ZZ27Aw41e-VraBadseavE7_U

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/743429/55636121/xbbe/creative/ Frame CCD9 239 KB
73 KB 411ms
7ms Script
application/javascript 54.65.22.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/743429/55636121/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.22.229 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-22-229.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 5c38077f83c98466a612085a7051a4325283b7f951a0b728943fb5ee540271c9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CCD9 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:39 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CCD9 15 KB
6 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:14:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CCD9 0
0 36ms
36ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKtvg-dTXklEcQD2KqHXEx1gac-bDEDVqAcPWDbplwypxL8JYAjEybzGS5M7O_9yBfJaOH
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCD9 119 KB
36 KB 68ms
67ms Script
text/javascript 2404:6800:4004:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:07 GMT

GET
H/1.1

200

beacon.gif
d7079319626924959602-t3650225182335709258.id.amgdgt.com/img/server/ Frame 415A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEIJd7vJknF_cy5XVqzHUq7g&google_cver=1
https://d7079319626924959602-t3650225182335709258.id.amgdgt.com/img/server/beacon.gif

43 B
283 B

368ms
92ms

Image
image/gif

50.116.239.150
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d7079319626924959602-t3650225182335709258.id.amgdgt.com/img/server/beacon.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY84z8rgEwAQ&v=APEucNX841aC80MUh1-OGyMQjniJl8ws7AjaGCRyLbFbivICHrdSrPRC7yVacm3P2jFSyARSXq0xGSOPQ3ov00Y7dlRSk6V50Q

Protocol

HTTP/1.1

Server

50.116.239.150 , United States, ASN6336 (TURN-US-ASN, US),

Reverse DNS

Software

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:07 GMT
Last-Modified: Sat, 15 Jan 2022 01:29:41 GMT
Accept-Ranges: bytes
ETag: W/"43-1642210181000"
Content-Length: 43
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif

Redirect headers

location: https://d7079319626924959602-t3650225182335709258.id.amgdgt.com/img/server/beacon.gif
pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sync
partners.tremorhub.com/ Frame 415A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESED7KbBHNBuuLvIbYqpjKUdQ&google_cver=1

43 B
183 B

661ms
172ms

Image
image/gif

2600:1f18:612b:4216:25d9:1223:9f5d:e330
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESED7KbBHNBuuLvIbYqpjKUdQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY84z8rgEwAQ&v=APEucNX841aC80MUh1-OGyMQjniJl8ws7AjaGCRyLbFbivICHrdSrPRC7yVacm3P2jFSyARSXq0xGSOPQ3ov00Y7dlRSk6V50Q
Protocol: H2
Server: 2600:1f18:612b:4216:25d9:1223:9f5d:e330 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESED7KbBHNBuuLvIbYqpjKUdQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 black.mp4
cdn.onnetwork.tv/img/ Frame 6259 3 KB
3 KB 247ms
246ms Media
video/mp4 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/img/black.mp4
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: 33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c

Request headers

Referer: https://ja.projectunderstood.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Sun, 17 Apr 2022 13:15:07 GMT
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
server: XO.webservantpro
access-control-allow-origin: *
etag: "5ab00be3-ab3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp4
Content-Range: bytes 0-2738/2739
cache-control: max-age=17280000, public
Content-Length: 2739
expires: Thu, 03 Nov 2022 13:15:07 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 4781 62 B
220 B 129ms
129ms Script
text/javascript 54.69.75.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns._default.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.75.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-75-135.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9809085b9cca779ef02ad8dee06b80d1708ef1f09b5f00939b03e97e1669f53b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:07 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=30 t=1650201307
x-served-by: beacon-n008-pdx-prod.krxd.net
content-type: text/javascript

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CCD9 41 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfTdeH4wsbtwvRB5XFePC1UHRexBYBCMqhY8NQlpmY-edGk6x5sRZ_oigT_38TUSD5-JFm2dWJYsCR0WHsrVLI6hIQKSkJcXlojSWvLQainKMiBrvH-ko7T69QhaoSO5oFg-AFbir-4_MOWeSiLElb3-SJUg&dbm_d=AKAmf-BoQMioL6dldWFsDdsmEwdXYF04mqtgznd0798c5ua86bfHgYwCiwwX2M4Nn22khX0WEu0inVabasnFfcpNQ5y2d_u4n0ZgFzhosKev2MTuyJlqfh4FnKlrG7NQ-lpMykX14lQzquck8nuMX6n6_-MPoYoeajSFXp9obQIr7z8L3f_KWBYI9TM0SunqprP1ZfjonUgfg3-612H44pU9altBd5s2Y-J3fyJqdSQ4feJAKR92fBtZ1UsxKaNlTCsFw-B47h0II-GqgZmeQ2rnY1-__8Xd2HIx5gGFVpLXPAnOVnH_Tghg1mF1xVMbwmZaPJSn2np1zO-iYR_khS2txy8tiNIt86YoVbBxIpNUfAjDsZIaC2WMYYqMvXj71bXkukFwGz7z7pZp-B1MESOFF0Lb3wRflMdSXTk_8ViG31COiyYf8Hs8VsV2tYQPYL8qZZOl4igOt3oRuRfWs0HEJUPudkDeJq0lqSoLSO10FTwvrcdRWyIgWsowLu_8X_w1eUDVu_Z3OnO0Pp86u2ICbuCDsESPeM33Pxht9bTd-Jiqk87scu_N5985Du5EnB5yLJ52Hg0hbvhZ7EjGjJfiGfVlqKdjtovqUIJ7SgYV0B9pcLaclhtcNrTwKMIRtqkpB4meIo5rQAnqp4ogGzrG3zC453iNp7xhP-qf_b0z-4Ib5b45U4WanbVYjB0tSLySdvjtBI0KZDqh5NboOeR8DPNewd8m9J7qcsQiu4UONF0syArr28Uz5KXOy0_a5rf4t8dFjlBFxEnTUeejcjGHzN7HfA8kkawJt_kmFl_OxiLmJvtdl8Gw5oZplMbEUlCFgggBkEAmLiT-LH865VGlCmwNdSSsbMaLrpjKNQ2jZNTBTIYucwUPWuiH6LC05shUMKrYHIxIPlY-b1Xbnb5rzGeF7Y5SEGuA3uh2hRh5sccdftgHgBM1SyxA3NVaRgPzwjiv0qNjaFJ-drjQuOtOdRi7CISc0psm8m0_knjnGUiTAokUXLaBGTWAa_1Tb9LqzUr4c3ewzUpEkJ2GLpAV6EL5CVFc4oT5asxeYwC2Z_JmA8hZ7WGX6du6t65wLKk1GzwiCIDVmyuAKrQ3bUwhHXA1YmMGZTmsbj1ZNtkiwdNYwfcZt9leEkJZktfziwK8X7cfW49KO1B7WTlspRQEzPmfFF_iuebC_I-PW7CjkMLmg80HtebnPEkpMkMvpwCff87AWBaIQPMwkzOLKiW6mqegzL7JlgTdAAtd10Tzb4CaNgCCB6l8y-IE-Z4_8zg0XcXemfsLhEle_K9IAh-jDDS8VQ18joCouO4fzHlX0qkOj36fbBwis_S0d4-_IhdhRsepe49OiSge3dID2k7U_a6PprK3_iQ26CNttB-PEZvNKWNERF2GxyIa4pdxNwqGHCOX0jUzIZh-avmYloaM9T_FhMZm6EPlD9wgsaeuN_oLc_yG75OJpAhuh56eO6TVHw3k7ErwGSPF_pdlKjSYWZ9CyxfDZG7pW3kJwZRJJ0YoudJqSeNJ4dNuInu-XguxuJsP5itYN53g1DvawJ9J_DEt2lKCWxyWr5wHIDUnwmPuj9YPN4QVLgGJqcjSGu5ZsFFBYdwfLpEFoF2wAj1fvT6Eoy4agHp_TeePI8R2z-goRlJz2R-4xBK_oCwvFviZL38w7YexlKUlp0K02Z9LSyA3Mg5EdJvIHDagRkx4WQXufVUd9SXpbfnLm8ZCO18NL1QriLdMIPS64RTxSE5JnQwjYy7GCyeMyivxvfXtxH2Xkheb1y41HF0oqc2iR6BvJCv33hsJ73zxCNWRBtnGgTCN20zIHEhH7GsbY4w6BWkgxEK3nPrDgRc2zD9WeMGHKy75ta-X8VUEEYQsWjwMd5Dql1ByKj9RIE2DXL0ccqFa9BMz5adGgi3BlM_CqYSNhZv7DVVu7CjHpvHmiDxKitPpgQDCf6ZhV2aT70YTkAuwwvEWktYKo70iWzOYctggbqN8-KGQZuL3U9RZ5cYzuQA_nrztokSD8ZgvXKp7T7RyeujPYPhziaz3wD8egMv0ztKo2mqGT7n7DBflpt7WXcgRGagWisKb_-2pvFWed6f4eJMWHLy61cfpjJZkPw2aA6Vg5yMDx88dgnewHqYbDYbGTYYH-85aBAcSqwPmwtt5ZCQ4_6AHvQ2kOlz3VBNxzmQwr1spNXTe59RJp6WV8skflpaZD5Hl52RfT9uCiKy8VU1ZzdgmrzUm4IspHX_xEbo5VOWpL01whRc7HT1fbFQuztBjIGZUCW3NXIYxyOYlTthvdGO1GDpPkIBLpv1p9pCzG_pYkfGmchNOiLr2rmLOunZ2aMymrF6y0Fwiz9-wwejzce9ad_JzroEkwUpWCZGLf3g55zHCprQE8elK2XtXuown-DbSO1bknjhfma4y9ZDmYwEt617zcISCI_1Xet0T6IwoqfiB0z1zhQVMPkaTZxK7l9WEj_dj5HJCJeUdDklLENKBqIt4x_QvT2YufRwt3RSGvgU2uvPD-zR1khAsz2yiXzbs0lw-RPBmuYGyYrRAl66l0SHBuCl3W80Qa2IoXB6CmDmu0pVqnsba7AF-OxbY3WaEitrUZb4WrBTi34r4ODLZNU_aM-kSqck7kpk8NQIZVVfzBs-6g7htIoJByO2j-jN0aUQXkIJwXZ9ZDaTDblKzkyxTi4HkjiW4PulahbCJs0uKsT-v3gk4N46AOYx1HQMIfcbCLwujY5ALhvTMiMB4yDqkB0rU9pR6W-clsyGtNg_QeSMRM6urwR2SPGoHwWf5q__AjmOEsUaFus__xbhUyV-x1PiYdsO6ZAfhbhrWn-OWL-DaCkVG85-S2cZm5nsREw8ownLUOLJHrmVtvzDAgD_xRX7_MB0gggepU6zD&cid=CAQSLQCNIrLM5HDmnFf9ySIGYO8RUtzjAl8YJmGmUNnrqxVimtWlevyHJ5AFC9PxPhgB&rfl=1%2Chttps%253A%252F%252Fja.projectunderstood.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 02:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 02:11:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E25E 22 KB
8 KB 5ms
4ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 165647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 15:14:20 GMT
expires: Sat, 15 Apr 2023 15:14:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E25E 35 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E25E 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1IXI2xJcYrXRK-aN2wTdwIGICwAAAAA4AeAEAg&bg=!mJulm9_NAAZvJBiFTyQ7ACkAdvg8WqknKAUyy_olSlJzY4R1FZmgGxcuix7Kpx0dG1scmphum5XiEQIAAAA_UgAAAAFoAQcKAE2bS41G84R5X7UvDARuKUB-4qJi_voJinCEMTAYeWIoIc_-Xyjtb7NMuFHWzJ0zf8Q146FrvT9IVyzqYfQl1tJnUWrtfjHGdZHbuCin_pkC-zP12gmBCwgbrUVc7ZI6t6Y-wUTgDhbR70mD90bjohUngHhOHdlvS85OzrswhOfGkGwqMqFMTQZG6voGjmfjjkgKfk558EKciivoczwpQFhewtnxL72KCzWWJB9DKOhhvyQxZsCzA7FCKkHpGfS0opIjbov4OQsYaJtxbt4W3DbZWXyKSx9_PrXWFK0MRxfJufWss4pK58UEVXALUCIGX63XFZa9vG7a_bPGu_eGy7yDvpaBiBdunDiEvPoHMh2Hts0mIRh8oURP6V2VtuRh1B3R-g2McC__4oNZ4o-f_KwxVXZLxb4I950hrilO8S6t5c6hAf1rWKfNaIXksJjMSWPnpdyRHoLfSyGlZl7QCfhCfxacbptWzFdtrA_ojK5TmtDXgUPCViApaczLmqySVbExYyQTaY-pxov-QYyP_7bSiu7bU5XCyAlObvA_Zl1_9zsXd3-zR2-uaksXcowj9V2STeNPBfR3m65Me2-MgT7grtvHJQ9AQaQM3eAr9P87pKafzUYt2qk0t4FJEK-Pbis7BUkE5jGpg9oWDAn5tWwcLqM9mYEsK8usnKw6IBg0WJ1kEB1PdUl9N8GNZDEerkbRFnBmz7TS_z_C5Y6d2WcSdWRGPqr61i4Ah3Ko1kcr90jNxOc7BujjQuOex4LQ_pw03jkrZY6lC6VCcRGbBIIOpGGV7krKawpHJFsNO_HWktY83iQ6NzPEq1Vaopg6GbzQg_gKtlOWOGEyX7deh08UFFJIsKmmaygZJcKfdisKyt_kOAZTTNPF894EKO9cmKTC0hx-YjnxQthcEtI7XcN3UPgcnR03UHWlzPp6Kgfpc1X22c-DvTBS7b9jtaRdwt_v9-mqm5kz7uYHXrQXLvLiBVk0CU381ftkDVXy-7PXVmRWTj1An8JzEYsQMDe3DyqpWa_m5Kqtz0oXshmO3zARTOuLr_pp_FcEopGp-z9b6QokN86Pm56vuuZxJg63WZwsSSkR0oS2aSlbwH0D1SLbrBtcA7QDVUU9wyg

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6259 49 KB
20 KB 42ms
2ms Script
text/javascript 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4720
date: Sun, 17 Apr 2022 11:56:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 17 Apr 2022 13:56:28 GMT

GET
H3 200 bridge3.510.1_pl.html Show response
imasdk.googleapis.com/js/core/ Frame 7D95 631 KB
205 KB 62ms
26ms Document
text/html 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5164e2608ea6ad663e10f6b75a014ce2f9b01cec36057ee9ad93842528032c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 221197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209865
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 23:48:31 GMT
expires: Fri, 14 Apr 2023 23:48:31 GMT
last-modified: Thu, 14 Apr 2022 23:44:31 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6259 44 KB
16 KB 54ms
54ms Script
text/javascript 2404:6800:400a:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2006 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Apr 2022 13:15:08 GMT

GET
H2 200 580084_1m.jpg
cdnt.onnetwork.tv/poster/5/8/ Frame 6259 25 KB
25 KB 674ms
247ms Image
image/jpeg 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/8/580084_1m.jpg

Requested by

Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.33.50.233 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w18.of.pl

Software

XO.webservantpro /

Resource Hash

f8816e8e5dd490622a612a4e8325e9f6d91f3efbdcf5a97d985d8ba3a3121184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
last-modified: Tue, 15 Feb 2022 13:34:41 GMT
server: XO.webservantpro
etag: "620babf1-6215"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 25109
expires: Thu, 03 Nov 2022 13:15:08 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 247ms
247ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201308&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&mobile=0&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
last-modified: Sunday, 17-Apr-2022 13:15:08 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntg.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1650201308&d=9074&wsc=ab&typ=embed&mobile=0&c=23
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
last-modified: Sunday, 17-Apr-2022 13:15:08 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntd.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 247ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntd.png?ts=1650201308&mobile=0&plc=1&time=22&website=9074
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
last-modified: Sunday, 17-Apr-2022 13:15:08 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2431 37 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:42:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 6259 4 B
24 B 73ms
36ms XHR
text/plain 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1271601939&t=pageview&_s=1&dl=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&dp=%2Fab%2Foptad_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=725x409&je=0&_u=IGhAAEABAAAAAC~&jid=1739999927&gjid=1948967342&cid=2087097221.1650201308&tid=UA-135221353-1&_gid=1078868124.1650201308&_r=1&_slc=1&z=1058217958

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame CCD9
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/743429/55636121/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCG...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrI...

43 KB
18 KB

196ms
85ms

Script
text/javascript

64.233.189.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB

Requested by

Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

64.233.189.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tl-in-f156.1e100.net

Software

cafe /

Resource Hash

72bb86f9d70dea643495bfa290f04d801db4624dede7bb10fd41bc5f19b55acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
x-server-name: app01.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 66E9 80 KB
21 KB 341ms
118ms Script
application/javascript 2600:9000:2363:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2363:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:49:54 GMT
content-encoding: gzip
age: 20802315
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 162e0a5e43b734e69d940498f98a7bb0.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: LAX53-P2
content-type: application/javascript
x-amz-cf-id: qOcHUO_AF1p7bQk15ZotWpAZ4g3fal7f2JVctiiVOcA3ZQaRNGJJXg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 6259 1 B
445 B 167ms
54ms XHR
text/plain 2404:6800:4008:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135221353-1&cid=2087097221.1650201308&jid=1739999927&gjid=1948967342&_gid=1078868124.1650201308&_u=IGhAAEAAAAAAAC~&z=2078116560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 17 Apr 2022 13:15:08 GMT
content-type: text/plain
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cntm.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 253ms
253ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1650201308&i=580084&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:08 GMT
last-modified: Sunday, 17-Apr-2022 13:15:08 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B20 42 B
64 B 74ms
38ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaQQUu-Ltwhq4wzQGRkK3tY5BR3N5TMdpGMY5hOR0ikKtIv2F6HIeYo0HvHhj_QphKZDDbBqD7rCCLGzWan2mWhHvck2Ei&sig=Cg0ArKJSzEqlXeSVPrFTEAE&id=lidar2&mcvt=1046&p=0,0,90,728&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2923430898&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650201305731&rpt=1393&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B20 42 B
64 B 76ms
41ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE5VNXzdNjd6XaSopPWj450iOU12FQgOV3AGGbO5YGR1wDCvRHqB0xnoLvftmfTuNeStJDs4UzKVBfF5GV0orwS8qWk323NgsxD8_NwSEp-fyQv0g&sai=AMfl-YQPSH0iHrPlvdFmj2y7VwcuTnlV8UuTgTKRWEtt5iBlZ74Un0cQo5XhocJr_9Q6i1KAA8e6vT40OYCTEp0OwJy5_qb83VXyvHkk9-nY6Q&sig=Cg0ArKJSzGiSLleT3BeoEAE&cid=CAQSLgCNIrLMWosThkkmk03DDSkIKZ9zBVSKJKAd70H6u8dDzB3NiffRxIEhdfWzALk&id=lidar2&mcvt=1047&p=1110,436,1204,1164&mtos=0,1047,1047,1047,1047&tos=0,1047,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2547308185&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650201305731&rpt=1390&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 1107ms
172ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31Tii,pingTime:-3,time:51,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 1106ms
172ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31Tij,pingTime:-6,time:52,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:ja.projectunderstood.com*&br=c
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 1103ms
172ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31Tio,pingTime:-2,time:57,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:510,beZ:511,mfA:512,cmA:513,inA:514,inZ:517,prA:517,prZ:521,si:526,poA:527,poZ:544,cmZ:544,mfZ:544,loA:562,loZ:564,ltA:567,ltZ:567%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:57,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:40,readyFired:false%7D&br=c
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
X-Server-Name: dt33.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200 457933 Show response
cmp-as-tm.everesttech.net/ads/cmp/s/2021/ Frame CCD9 9 KB
4 KB 275ms
90ms Script
text/javascript 18.136.247.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=728&h=90&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%26sai%3DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%26sig%3DCg0ArKJSzES0Wk8G9X35EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=25947223&dsp_pa_id=305934931&dsp_si_id=6958819&dsp_ad_id=498879351&dsp_cr_id=137843133&dp1=305934931&tc_1=2200008&tc_2=25947223&tc_3=305934931&tc_4=137843133&tc_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55636121/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB&adsafe_url=https%3A%2F%2Fja.projectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:de7f8326-d6f9-ab17-4ace-efa252cdeb28,c:a31ThJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5965999f9f-ms6zw,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:674614f0-be50-11ec-90bb-dac5b56043dc,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.136.247.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-247-49.ap-southeast-1.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 6a10ef40cbc7c51762bc04579aacd822f725df1a67d1787a0f226145954a56f7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:08 GMT
content-encoding: gzip
server: AMO-jAds/1.1
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
transfer-encoding: chunked
x-h: cmp-adserver01.adcloud-prod.ap-southeast-1.private
expires: Sun Apr 17 13:15:08 UTC 2022

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame CCD9 25 KB
10 KB 6ms
4ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/743429/55636121/xbbe/creative/adj?p=APEucNUML_uRTeCyTJ_nn9xXD60bPUjwFKRPCh_ITMUJiPhuU-8ZlTw&d=CnkAoCZ_4OOQVQbKgsJ9rcbPBo1WdnEPb6T6ckIuVunupyVSiOPVMJSY9XbAiyCGYCPeTkifDGWgas4QM_SDeJwrIR9BjfJDruKLPgsQufcmfAGFVhs9GxZ2FcVd0vdbN_Dn7Ziu9tyIkr-F1YghYZRkmRnhjhhyZt6nEpkUAKAmf-DRoFT1yf81VxusRM3Xlva268PQWtY-nHnrzGSttuK88U6_qwFI6_dn8wFuy3_Jmq87qiuvHngJS9RhsPf0KP8WN8Ts-EOfd5shBIRZj_VAGV-D-oXACfZgEmGD8OVHHu65R1bPgKn-mrdQhfKDCssxKtUwlXfebTLr0oRSZxC2Qhwm3__IliQOmeIDYIJdweI_AxWZ8emo2gTjeDuNvZ-qSuQmNSWiD_Or3RJVhCWsdXfqjKRx2YHn2UQhwZRB_Nh_OyOnHuhW6KbbC8FGiax4DsBz_3tzBWlFMW0a11g4DrwZ28baBXl4srWbY9o11fGP7pX8kRmQ_26IR8hhc3675gyevxGM9Dqx95pI2ogOvaEb0pXTp_uVaIiOUq81P6tNpJZSWMitTBKX2hUirUIAGmAV8fHJ1-SGz1mvd436_0bbqxC6r0ambQjup3dnJDcoJPxBzsoLrdd5rUA_DnIaYUhasPn8wURv0tN-ZodFVoddHhaOcaKEfrudgZB0bKuIBa9uVgeY0erZs2nCta7FzG_lxsKn__Pp21XYnCc4PR9xRH0lNNX5vZH6Lk5w1LHQ9KLWjMfYVk_8IAqibpHkb3sKXkcQJrSN5kmG0B-p8MVPrmG8jjuk4P8jFZ7dy4n6H5r6sNJ2BPJkNt9HgJR7FIonlbdwg_y9r2B5BK_yPCRPzWOj29ikzdisP6hMhcs3UaHE9yYyDE4RJeibEJZBLtYH2OY7ubZ1M70VoHPlfSY-7exIONdlgbcDvqfCvkfdINDEPi2HcE1FrxVYejPhatovcCtPOfsWTKxbObSbg29dI1rlUryPbRX3-tgnvgJOEeGChl0vDzjBdfuOn3hQh6xdb-TQMPPrswRwG7b2xK3yMW2T6ziBLgWtAgqcUGJISKMSYMTEa4eLXfsV7BYk7E8N5or3IrocCJtJJm2XBvMPypexNSGnzmq4vtlSexmMwyMd6PXgR1x4JdsjBHxhL3udJ5L48EUBUpUxVlsgXjvFE58QoFRE42O10Bv6SLdeVABNiTei2DFVN9XnDGE56mOGjprCHgWGODeq25n2_xaWUt6MK8b3VXgnsvNcEen1ED_m4YKBTYvvmVJqaOaOo7OOGlI7tN7siz2_Ui76kv3CCAzQuS0Dt9ZAePcJNgIPiZT3pFxspklIIZL0_o6gqQimtZuwvI2ITvhk26vEMc277KKynDQwvM6SX3Zp7wcIS3u23Sy8KsL5SSMElpZRxM5DAALHprwFKiCFuHcorovI3wvsI5sO37nA1B26YVGWDEi3Essm2horVNp0vTPm7JdfrzvCghzfXaibHwraoGVyjWZXT550YuMXddblmvZBo-SAx8ISOeBt9Jh9f_ZZX28NFsYdX22rRi85n7vUa7vOCsp5Wp6PMz--701PDqYpQUZMS8lcuetvOh8FSpy4Gz7W0Aj3eBfY3Z0qEhHqEOOdJdhHvee06U5R0hJMTAHMNc6KQryFRE-SJiCZOP24KbtAomAPZ_xsccJ8UY3EgwJKhl0YNfU86mBPmjDFnIV2e6hD6Kzra_GC5mkofXT9ebpPKiQ1jfYh_QOpvhHxMuAfXYpOfmHOmMJm4x6yYC2iqgE5PbYuAXOrGfrjKcq4Mz62vnzx7PkKrzSxe6-uzK1C95DL_fdQ0Cf2S8weG32JgHZ5q16aRasOZolxAwgVuewG2AgTFQTVKf3PzBQmr7tb807zGLGj2QpwmPFYRQYXV4t4aN8lWdo3zv9yQgtm9W3hD7cOuB8F96yZicFhfdbEAdI_12CDyous7TCWiUojcYEt32SviZzHCeZRiEcbKoQ7N7GTUU4v4W_ZyHeJZI6y-6fWnSuc6GUF0Ah2DOc25LQStikfJbcJiMclQwPRLaWoPNWNMTqMg6aEa-mpVbN-zAwV843nOASCizt-bM5Ut_WbvuXX2lLvhhglUUvz7CjkqhS6lo3X5GS2wTRcfFbo85vX84lJ3cpNYDlLtnpob3krAslkP-iAyqTlPnpHbs4-_pzK7rkrSFqBHdeNbm1sGAPf0jw-ORuLCh7TNfWpyLDj6rwQBYRBkrXTXmDDLDetkCw0vqfBdc4Jn15OtNLOvIjlBKRu3j0EFBOd7UgiOYASgLXEdcvXUhn-YRh3u67M72cdp1iUBunfAWm__a9tDPW9C_OXOCE2LO2v-RKirR5ZuqhcfqUvAebW3ObSlDtVFnRx85jjkUa6GYnZMJAQK_tCt33HKQU8uJTTFncyxRkHj9bBVzyV0GBCGtO_j2sFpfoVe_3FBACN31ISoH9LXvh2kqUd-w59sOQKYvLijbhZ8bn4cBINtXDwPBSpbcATKAm8TUrrP_e7j5hauawGCHN2kULeVuhJ0m8oV6Yz7v5-gEcP_JTDMx9cUTc8uW7M6c-CHvTY4ulz_7yJFYtfHo5cDsozQHt_4uKrL-7Crci4YOUOiv7xHGJl5FAn0nPmEJwJK4-Gx64jJ8PYEawwrTlG8mZc-VbkPmFtj_QmeibtxyDS89qB7hMZL8o-TBUCjbBOCw2kgM6Pstr_aCCNJJhxx4O0wGndCg6rqHfWX7v8UVcMUV9d7eDUJqYj3-j2IS17CG-lHn70DIfJw_mFpinq9q3WmyOU_OUsftskRLiW0Qcj96z1uuu_UzTBwhsomDLW0LhP2qcGofnA2q8ZKSvLdJ0n1hSJDoNPImrgFMSD3vLIVSYaGGIEzPbR6SDOsnmuXyJ96zV1sq380EnBnysSIWxwg-OxDMnOcOWHxkP9q7m4Bc77VPLoioje3SHVnppKkK5DJextY-9A88j74h-wXfY7Ucp-s8nQGCseW56TelQBW1U-AoBAy2haWy9IDYkmFXkDPxN1p_7DDsUMnXrTLRLvV-DSbLsbECvSbLZ6F5okdR2c8hQCLeLqMADri9lG7gBFYzrRVfnmQepQEczSApA4PBcGWaXG0hcgFYGpf-EpKBgaR26LPfLopdRNFdE2ZrN7yhZLGzOvk0bozBw4bTtIe9pMs42hUfi7ztjE-WbPxXK2O-2_NPIRkpssh6plB2PA_p36nz0Rvln-serrDz59uaeh97L8zGPBpDH1XoR1TX78AWp8_pRM0jc0OtqERALtLWr8YrED46AYqKI-TE_Ew49X6XLF3V8piQGvyAWNEU6nU7ntDccSqeqVklLAXODRZF1Ks6RWnZqb-nHpUd_b0wC37uN6uTd7R50W8fWBd-zWDUnqhWazEBZQjdZN4UHTBMbYe228NTpRwu9f6cVtwcn0cbc18cVnxnCeeNWUb4WJCWRbe-pU7aHynAeHFs7UcmpgMqgd4VqvkNC0EzEoBZ9RBY952OP26fwOs4oCvMKo_u-PYeR1dQYnQIvrEV1Ec6-fFm_is0j5C00oPNxakTAmi9ogOB0EXnb2_lwsa3bDp2LOYbJ48RG7h_JJ7UfyXHm4rOo9onuyb_QaMwgEEi0AjSKyzORw5pxX_ckiBmDvEVLc4wJfGCZhplDZ66sVYprVpXr8hyeQBQvT8T4YAWAB&adsafe_url=https%3A%2F%2Fja.projectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:de7f8326-d6f9-ab17-4ace-efa252cdeb28,c:a31ThJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5965999f9f-ms6zw,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:674614f0-be50-11ec-90bb-dac5b56043dc,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:13:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame CCD9 8 KB
3 KB 8ms
6ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 01 May 2022 13:13:01 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCD9 0
26 B 44ms
40ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi7vpsN8MeMvEtqVTPS7J8h5xpTQtr5Q9AGUzNyBoLHbcQhINtedzHa-0sxecZLezYy6V7fjH41QUnUK4CoK0v2hdI-dMme-TaNzDpmxWvcBJ_XyOhjqkwYGdLx7aqEXinr97ByD5Vhds&sai=AMfl-YRS05Ah3HF_Q9qTqnAwMXgpQ4I7_e42ykkPmRpGE1OBaGiSTyqt9DsRDn8b945zrtLW004OFGnlslABlOae7PwEfDwaPg72p6a_zGRaohjJHF9cc3-Rm49kJXE&sig=Cg0ArKJSzKwKgoNtrkg8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=1&cisv=r20220413.63744&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20742/ Frame E7CD 9 KB
9 KB 745ms
266ms Document
text/html 44.228.154.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Requested by: Host: cmp-as-tm.everesttech.net
URL: https://cmp-as-tm.everesttech.net/ads/cmp/s/2021/457933?w=728&h=90&s=5&dsp=Google+DCM&clk=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%26sai%3DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%26sig%3DCg0ArKJSzES0Wk8G9X35EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&dsp_bu_id=25947223&dsp_pa_id=305934931&dsp_si_id=6958819&dsp_ad_id=498879351&dsp_cr_id=137843133&dp1=305934931&tc_1=2200008&tc_2=25947223&tc_3=305934931&tc_4=137843133&tc_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.154.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-154-252.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 63cb6c6ffa093eb3ea1d3ab89a780a4dbd2516722b9a0940bb340b1e249e71a9

Request headers

Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Sun, 17 Apr 2022 13:15:09 GMT
expires: Sun Apr 17 13:15:09 UTC 2022
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
pragma: no-cache
server: AMO-jAds/1.1

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame CCD9 85 B
353 B 687ms
667ms Image
image/png 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?cmpo=t&cmpe=H4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
via: 1.1 varnish
x-pt: P=239
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-cache-hits: 0
x-region: Asia
content-length: 85
x-served-by: cache-hnd18725-HND
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:09 GMT

GET
DATA 200
OK truncated
/ Frame CCD9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db21c850ee95e413a7ad251e2093448e1c0ba4caf43f4dc32e9905511beb3aa1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content bsevent.gif
rtbc-sgc.doubleverify.com/ Frame 5B20 0
295 B 286ms
95ms Ping
text/plain 69.174.120.29
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-sgc.doubleverify.com/bsevent.gif?impid=9500c5fdc6c648ea9794aa95a50c6a37&nav_pltfrm=Linux%20x86_64&cbust=1650201308787854
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.29 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: te4-0.cr1.lax1.us.packetexchange.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 04/16/2022 13:15:09

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 518ms
173ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31TsM,pingTime:-10,time:701,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2Ljc1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1650201308859%7C%7C69e4922c2fb7bc8d7582b6f61e2082bd%7C%7Ceb4f03ab9dc867f6a5bdb2294b85db99%7C%7Cd7d82e1c62e3cc8f51841e697694a7f1%7C%7Caa9e37cabe73a45a151faec9c85bf354%7C%7C8fc98d42414be707180b5aa597219c54%7C%7Cec1e2ca86daf7a0cef84bf150c05c8e6%7C%7C9e6242d78da68a6b2fd658ce367dc9f7%7C%7C1629390669%7D
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 247ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201309&event=plstarttry&d=9074&vs=0&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
last-modified: Sunday, 17-Apr-2022 13:15:09 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 247ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201309&event=adsearch&d=9074&vs=0&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=2&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
last-modified: Sunday, 17-Apr-2022 13:15:09 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6259 107 B
122 B 73ms
37ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.projectunderstood.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 272ms
174ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31Tyr,time:1052,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B1047~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
URL: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7D95 85 KB
17 KB 357ms
356ms XHR
text/xml 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F121764058%2C22563361973%2Fprojectunderstood.com_o3b_instream_OnN_o3b&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&description_url=projectunderstood.com&tfcd=0&npa=0&sz=300x250%7C400x300%7C980x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&nofb=1&vpa=auto&osd=2&frm=0&vis=1&sdr=1&is_amp=0&ad_rule=0&allcues=15000%2C30000&vid_d=92&vad_type=linear&vpos=preroll&vpmute=0&gdpr=0&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=360000&sdkv=h.3.510.1&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=095E5934-926C-4A94-BB42-E616B9EFC407&nel=0&eid=44725356%2C44750813%2C44750823%2C44758348%2C44761692&dlt=1650201306232&idt=1966&dt=1650201309266&cookie=ID%3D1b4e733874eb5566%3AT%3D1650201305%3AS%3DALNI_MbaRjRnlQpxUwOYnpzG-IgNvmV_Mg&correlator=433791787931860&scor=3658584778120945&ppid=onnetwork&ged=ve4_td3_tt1_pd3_la3000_er901.260.901.260_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

fdd878d75a0669046048016fb681ca4ec61bf98bfcece4164b0ce9ad5313f1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16778
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7D95 80 KB
16 KB 704ms
704ms XHR
text/xml 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F121764058%2C22563361973%2Fprojectunderstood.com_o3b_instream_OnN_o3b&url=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&description_url=projectunderstood.com&tfcd=0&npa=0&sz=300x250%7C400x300%7C980x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&nofb=1&vpa=auto&osd=2&frm=0&vis=1&sdr=1&is_amp=0&ad_rule=0&allcues=15000%2C30000&vid_d=92&vad_type=linear&vpos=preroll&vpmute=0&gdpr=0&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=360000&sdkv=h.3.510.1&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.510.1&sid=095E5934-926C-4A94-BB42-E616B9EFC407&nel=0&eid=44725356%2C44750813%2C44750823%2C44758348%2C44761692&dlt=1650201306232&idt=1966&dt=1650201309270&cookie=ID%3D1b4e733874eb5566%3AT%3D1650201305%3AS%3DALNI_MbaRjRnlQpxUwOYnpzG-IgNvmV_Mg&correlator=433791787931860&scor=3658584778120945&ppid=onnetwork&ged=ve4_td3_tt1_pd3_la3000_er901.260.901.260_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ab9499e8996279b5c88e01eff06ebcc9242dd4e01f4b29bbdb565252aa112d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16399
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mti/20742/ Frame E7CD 15 KB
15 KB 142ms
141ms Document
text/html 44.228.154.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|&nr=0.5758039927578036&edge=y&html5=y&loc=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.154.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-154-252.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 8d6f833c1893ce901fdf052045dc767951a707403fc2b2285de5de7fe4f4e0dc

Request headers

Referer: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/html;charset=utf-8
date: Sun, 17 Apr 2022 13:15:09 GMT
expires: Sun Apr 17 13:15:09 UTC 2022
pragma: no-cache
server: AMO-jAds/1.1

POST
H/1.1 204
No Content event.png
tpsc-sgc.doubleverify.com/ Frame 4BD1 0
295 B 294ms
104ms Ping
text/plain 69.174.120.29
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-sgc.doubleverify.com/event.png?impid=d4860823d5b64aed983b78820fa46374&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=494&eoid=9&msrjs=2576&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=6&vltms=494&sei=289&vetms=5&engms=1&engisel=1&ttfurm=2521&cbust=1650201309578692
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.29 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: te4-0.cr1.lax1.us.packetexchange.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:09 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 04/16/2022 13:15:09

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 2F2E 16 KB
4 KB 167ms
2ms Document
text/html 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mti/20742/4249?CLK_TR=%2F%2Fstatsf-tm.everesttech.net%2Fstats%2F1%2Fct%3Fcmpo%3Dt%26cmpe%3DH4sIAAAAAAAAAAHAAD__YuhkS6FcJbdaLJTwvNe-jaiImDNU9wvRSQFEPj4d3JdhnkQBEPvGxOU7w3ixoQHda-d98DBN3MdvhQe3_hgPlqZ3st_7SE979DPe7h75MRnkmVqZLSaPuXIjRbg3cs4XyTPxUOaRM_FzVR22oLtZB_b2-2xxpzxD_NJ1tHStYTpCkpArpeWUrE64quUdjNUs6bltapNJ03_kJIcDQqPmTX3_1LRMtwVL2JWa5ih5-Ly5g8dRApjAMteO3YaB88-D1p3qs8AAAAA%26redir%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjsuyTqmsI98m5IwtyzG8LRtP9kc-jEx4P4IN4sDYbiQ_EVh6U3qav5JKxCZSplWWFWPfqCwZKcCOfw_HmFnqne_DGOyUTrCjwUs8T10s2FIuU8G6tZP3An5clcGuosNRUnPizlEFi3L0RlowZruK1JwzKj22csjfcoT-0Lja38F5fkyQJeSJxmkbdjXK0HRIi1n9Qeavg07GH8LWc0a20pz1LIwYWlRitmJoRaUDQzsd4yHnWKMhs7JwdnEHLgCpIp2UE5uH2DbuDFKLEUqJWfLbxTOaAZjAKzO8hcFtSYo4GRxo7d7ZzMa-DEkc6iJsOJxSKp3ta450FOQ0_En9sjRa6zPrMWxQbM4fdfAdk9N4GU-lKqOilMV2riNrFIV64tgKN-7_SClzaz2_p1hyvkKbBzEp_P-gAxWQGKdRV6P7WQcrGLyda8FUyMTiuCjNld4I-ZNiq0exFtO2FB7dZzVuD1hWq2I2LGXusInhsJggsCxftoIDfWgkUsLPlKYCOwOgqPWGobu9qw_m2jBisXp8jL-FYjQsW3rlY7mpkemz6sxbyHeeMLeVP2eooqS7yFbIfzqxcuCvGJ3-JFSRWcKaT31Wf3eZEAYpxebOatjFaoHAuk3bUeSXLIUq2j5-P-LfT4oo1Tv6O9UkWlXf2kKBoZMM6EOVL_qs8RMzGQmEjRo6uIvKM8DRc0R2PGQyNUfCqxQQK06lDZrExY0KG1sd7Y4KwzerZKhjLrpv-gm3pAd1geQCgMiQ3VD24OaqUOBWn2KccU8iQCAWu280dibTfSptnfFLtSexoMVC-sL8GatUoiF2fHdGTcI0k_3P-podkL2mrMSwhc3sgaXcMMsfgQD7J89tNGO2LTxifBmHhphgG68zlicSewgLyXxR2JDf3A3mrb1unUPwVPa7YsUAtH_EprevpDR5B6ie-cBIB2TtksHvt9Ga3H0AsZatA_oqQ5_USHg_Vx9aZ1jACC2Hwob1uS7aR74oRbQfwxeh5afiFFwVd2maXjOKDAjI47yEFrFQcmyFq4EEczNSLQIX7DCpe0j9GLwavhQesdJisoKsLEZRQxLSt0H_ktf9ohZgAnoKjYeJFHNFQXvLcshnrB9HOpEwEWzbOry1yI259KqYlP_g1-ljbWLxxMrQfZgol8MLgJ0ZybYs8jB8gLicoI8D6wdzISFO2lfNHbhQnI2wsfmVLzJ6SlUszWBXegwxtjLzBk9-7CqfKL7iGr4%2526sai%253DAMfl-YRZW-8TcbXWKlpS_DDmnmxi0mhTPEFxQGbVgLLWMi8zEif3fRp9QWdZ5DywnQL4bU3m2j-LS_JIEbBYUjU0hqg-wOgPw6WdWZpxBmZDUBQatbIyX1ECl2hv5SIdSkg95qTRKBF4RVVu-qKQOfa_VyEOohe6PsTYSaZmKiWRYKCbmfW5qy8lWGtvwNEI4_v_Jod_kekoX4-LvEmxCJr2RW_DrQlRL0YddVZf2kX1DvHJ8HS-qNI%2526sig%253DCg0ArKJSzES0Wk8G9X35EAE%2526cry%253D1%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&CMP_ID=25947223&PLCMT_ID=305934931&AD_ID=498879351&FEED_ID=${TM_FEED_ID_NUM}&Placement_ID=305934931&cachebuster=1650201344&TC_1=2200008&TC_2=25947223&TC_3=305934931&TC_4=137843133&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|&nr=0.5758039927578036&edge=y&html5=y&loc=https%3A%2F%2Fb94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://ads.everesttech.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 13:15:09 GMT
ETag: "127386841-3fce-5d3a7da5bc600"
Expires: Sun, 17 Apr 2022 14:15:09 GMT
Last-Modified: Tue, 21 Dec 2021 13:19:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCD9 42 B
64 B 40ms
40ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwxjuHodqfxfVzyMjp07h35Zst3WjhDJ9-mepUrG1kbW6QUNjrBmPiJhN4iTQKLxeumU22WA7ORn07K7_VXMo4yzPYNprPx13h0V9N9enx04SZiUQ&sai=AMfl-YSe1hfA0J-oOgU_p8z5XVwDsJEHIjIA7CMlCRCmp1Jxyxsgv-QUrEEL3Pw-aNu1vVHRGiQpwPwLlfHOwl2jFh8eZitapedy1KbE0UMU&sig=Cg0ArKJSzKtKjilwe7SREAE&cid=CAQSLQCNIrLM5HDmnFf9ySIGYO8RUtzjAl8YJmGmUNnrqxVimtWlevyHJ5AFC9PxPhgB&id=lidar2&mcvt=1000&p=291,436,381,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1270824643&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650201307649&rpt=1128&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 2F2E 0
390 B 2ms
2ms Script
text/javascript 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:09 GMT
Last-Modified: Tue, 21 Dec 2021 13:19:20 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1272240c0-0-5d3a7da5bc600"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:09 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCD9 0
26 B 41ms
41ms Ping
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 49ms
49ms XHR
application/json 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

512a78c67ccac30dfe6aafad02ac67856f40640c03afa0a88b79c4db210aac12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 13:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10628
x-xss-protection: 0

GET
H/1.1 200
OK z728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/ Frame 1A73 8 KB
3 KB 2ms
2ms Document
text/html 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 220de3c970e23fe080c44f049f4c8bcfc81d53d81456396602eb2e7a5c0a1422

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YlwS3QAABbAy4kJl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2273
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 13:15:09 GMT
ETag: "13ba1a2c1-203d-5db494f3c4a00"
Expires: Sun, 17 Apr 2022 14:15:09 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 1A73 5 KB
6 KB 135ms
135ms Script
application/javascript 44.228.154.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.154.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-154-252.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: cache
date: Sun, 17 Apr 2022 13:15:09 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:15:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF6E 13 KB
5 KB 7ms
6ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 425269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 15:07:20 GMT
expires: Wed, 12 Apr 2023 15:07:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8370 783 B
536 B 42ms
39ms Document
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

899d5dc48670706e3074770963bf53239d01b4e9262156404ad538c10cdc1a23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FvH0LN2aPfJF6O0GzuAM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-FvH0LN2aPfJF6O0GzuAM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:15:10 GMT
expires: Sun, 17 Apr 2022 13:15:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 515ms
169ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.projectunderstood.com%2F&domain=ja.projectunderstood.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.projectunderstood.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 17 Apr 2022 13:15:10 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1200
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.projectunderstood.com%2F&domain=ja.projectunderstood.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=peSyxXxOdG03NGlWVzJuUGJvc3ovaDZad0tUQ3NYTmVFRTRSdEdLUW4yb2dIRmsvN05mdGNnV1JtMmtBaERyU1RhdEtzYmEwSUZMVnQ3US9aSjgrMGxXRHhpRk9hRVVYb3NjZTZ3MWpmQjhDNnNZYjhlZHlGblNMdTZxdC...

0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
549 B 62ms
5ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: dcebbde3a49e2c0d3adb320d8cf924157259f93a5620d2b3ab13c7ac43d222f6

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 17 May 2022 13:15:10 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 032D 52 KB
17 KB 13ms
2ms Document
text/html 23.44.52.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.227 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-227.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 17 Apr 2022 13:15:10 GMT
ETag: "623de86a-cf34"
Expires: Mon, 18 Apr 2022 13:15:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 4B19 442 B
436 B 268ms
267ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 306
content-type: text/html; charset=utf-8
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Thu, 14 Apr 2022 07:22:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 0F60 442 B
344 B 270ms
270ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 306
content-type: text/html; charset=utf-8
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Thu, 14 Apr 2022 07:22:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E5FE 2 KB
814 B 249ms
247ms Document
text/html 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1650201306599&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 7788 442 B
344 B 271ms
270ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 306
content-type: text/html; charset=utf-8
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Thu, 14 Apr 2022 07:22:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8773 2 KB
814 B 247ms
247ms Document
text/html 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1650201306405&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 41B7 2 KB
814 B 242ms
242ms Document
text/html 51.79.234.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1650201306409&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip100.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 21FE 52 KB
17 KB 10ms
3ms Document
text/html 23.44.52.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.227 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-227.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 17 Apr 2022 13:15:10 GMT
ETag: "623de86a-cf34"
Expires: Mon, 18 Apr 2022 13:15:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 083C 52 KB
17 KB 9ms
3ms Document
text/html 23.44.52.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.8.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.44.52.227 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-227.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 17 Apr 2022 13:15:10 GMT
ETag: "623de86a-cf34"
Expires: Mon, 18 Apr 2022 13:15:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

POST
H2 204 csi
csi.gstatic.com/ Frame 7D95 0
327 B 80ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l23b92ie&c=8687069880748&slotId=4343534940374&qqid=CIK-5vaWm_cCFdYIlgod0ecETg&gqid=3RJcYqPZEdfK2AS3kLAI&fb=ima_html5-lima&sdkv=h.3.510.1&ppt=onnetwork%2Fvplayer&ppv=8.6.1&mrd=30&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44725356%2C44750813%2C44750823%2C44758348%2C44761692&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.l23b93nl~ghmsh_s.l23b93nl~ghmsh_s.l23b93nm~ghmsh_s.l23b93xz~ghmsh_s.l23b93xz~ghmsh_s.l23b93y0&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=75wXoP6UCiQPrboD
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm Show response
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/ Frame 4440 14 KB
6 KB 6ms
6ms Document
text/html 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 404729f9964f837770ca79eb3f2bb36453c9f66c74245a02d845b433adf1baae

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5290
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 13:15:10 GMT
ETag: "13c6f0af9-37f2-5db494f3c4a00"
Expires: Sun, 17 Apr 2022 14:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201310&event=adloaded&d=9074&vs=1675&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=2&co=0&vc=1650201306130&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Sunday, 17-Apr-2022 13:15:10 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201310&event=adstarttry&d=9074&vs=0&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=2&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Sunday, 17-Apr-2022 13:15:10 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7D95 453 B
478 B 4ms
4ms Image
image/png 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2382012522979108

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:51:08 GMT
x-content-type-options: nosniff
age: 1442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Apr 2022 13:41:08 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 42ms
41ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cxsfb3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBO4CT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoerjXl9-iBiPmPEMSpMYoGVUrE-xL-FaRo_zGOHVJ_68YI_GRWxbo5n1VSEwmOyVAt_XYV-jaMj-l859ouwATPkbrl5QPgBAGIBZOW-YY6kgUICAMQARgBUAGgBlSAB92d9d8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2sQmFgrVVNIDgroAKA5gLAcgLAdALDrgMAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=CNgibZXYKho&label=show_ad&acvw=&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAAplCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIdEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 7D95 0
0 40ms
40ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CZos83RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGgBlSAB92d9d8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDgpB2oCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsBsBPyu_UOwhMGGIviiqAB2BMNiBQB2BQB0BUBqBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=iUDhFYUjnR4&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAAplCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIdEA8lAABwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7D95 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK amoAd.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/ Frame 4440 7 KB
7 KB 3ms
2ms Script
text/javascript 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/amoAd.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ae926e80b736bec7e0f2f134726cae528edab546cdf843c466cbf7d25f9839ff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "13ba1a2c3-1a8e-5db494f3c4a00"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6798
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:10 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame 4440 62 KB
23 KB 18ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 287894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22641
timing-allow-origin: *
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5t7dQ%2FX3l4oxvnXEDUBm39e40zONlRUsiYj7Mv6EVBQr%2FrOJrY10nDbuVqejOqRlFeYfQN5po2g%2FHA24kg8IHlDPh2K02nnLovbvf4rSSHSZYj2xCrN1ouh1dZi%2F55fotkeChepYrcUoVsEzM9dlv9U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fd56d8c2b561f13-NRT
expires: Fri, 07 Apr 2023 13:15:10 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 4440 236 KB
63 KB 360ms
15ms Script
text/javascript 2600:140b:4::1732:8179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:140b:4::1732:8179 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sun, 17 Apr 2022 13:30:10 GMT

GET
H/1.1 200
OK depthjs-1.1.3.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/ Frame 4440 20 KB
21 KB 5ms
3ms Script
text/javascript 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/depthjs-1.1.3.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5c4e28fa9b98ebce5d761561a965dca96534443e1483f293605294e4ebba19e7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "13c15be25-5090-5db494f3c4a00"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20624
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:10 GMT

GET
H/1.1 200
OK M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/ Frame 4440 46 KB
46 KB 7ms
2ms Script
text/javascript 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.js?1501171107836
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 71a526dea886a1fc90df8ed2b76f4e5460af2d916f74ccd6686ebb378c0115e4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "13b46f2ec-b65b-5db494f3c4a00"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46683
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6259 0
54 B 36ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l23b927n&c=8687069880748&slotId=4343534940374&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D95 0
20 B 38ms
37ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.510.1&e=44725356%2C44750813%2C44750823%2C44758348%2C44761692&id=ima_html5&c=4016044067733254&domain=ja.projectunderstood.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 032D 0
745 B 129ms
129ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1779a829-beaf-4fe5-ae40-4b0be7f122bb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 21FE 0
745 B 106ms
106ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fa7aa7b2-f77a-4714-b4e7-7639310e7988
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 083C 0
745 B 105ms
104ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bf9f91d0-44ef-4f4a-bed3-b1a2278a8a94
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr4---sn-oguesn6s.googlevideo.com/ Frame 6259
Redirect Chain

https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&mh=dy&mm=31&mn=sn-og...
https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

2 MB
2 MB

611ms
606ms

Media
video/mp4

2404:6800:4004:24::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1649811104694203&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgGdUhhnVJDuEkXQ-XmYEFieaPgxJvM45_q1BlHUjdBTICIQCSTZ8WRExfFV5qh70zOzsW0oAO9kaYx7u2TOCR9PC8cg==&cpn=RaB3defASwRYcuF1&redirect_counter=1&rm=sn-ogue7d7z&req_id=5d8f4aaee2d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=dy&mip=2a00:1633:128:4::3&mm=31&mn=sn-oguesn6s&ms=au&mt=1650201186&mv=m&mvi=4&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJgGzjzrjvjcV01qwRbKJQJRbAWvp_qIkHqZrf6bExReAiEA2vkJ-6MZbzOKbxZA_-Jgd3kSETcUI63DNJ2IjrfJI3g%3D

Protocol

HTTP/1.1

Server

2404:6800:4004:24::9 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

39527c797f09b7443e870f1aa5317681df07a7f564a9dab29ab854a3eaca4607

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Apr 2022 00:51:44 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1835663/1835664
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1835664
Expires: Sun, 17 Apr 2022 13:15:10 GMT

Redirect headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr4---sn-oguesn6s.googlevideo.com/videoplayback?expire=1650230109&ei=3RJcYqGPIpiw2roPsaWauAw&ip=31.204.145.169&id=013489628b3c9a82&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1649811104694203&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgGdUhhnVJDuEkXQ-XmYEFieaPgxJvM45_q1BlHUjdBTICIQCSTZ8WRExfFV5qh70zOzsW0oAO9kaYx7u2TOCR9PC8cg==&cpn=RaB3defASwRYcuF1&redirect_counter=1&rm=sn-ogue7d7z&req_id=5d8f4aaee2d36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=dy&mip=2a00:1633:128:4::3&mm=31&mn=sn-oguesn6s&ms=au&mt=1650201186&mv=m&mvi=4&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJgGzjzrjvjcV01qwRbKJQJRbAWvp_qIkHqZrf6bExReAiEA2vkJ-6MZbzOKbxZA_-Jgd3kSETcUI63DNJ2IjrfJI3g%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Sun, 17 Apr 2022 13:15:10 GMT

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EF6E 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8370 0
0 45ms
45ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=2080821974703768&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF6E 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yvKbmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 4B19 129 KB
34 KB 2653ms
556ms Script
application/javascript 212.77.98.32

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3b958ef98c547a0816e5c2019b22779689ffa961284b26717341ea952b038290

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:12 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 13:44:10 GMT
server: nginx
etag: W/"6ef1f3221456e32e8ed642ab92cfe793"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 0F60 129 KB
34 KB 2652ms
556ms Script
application/javascript 212.77.98.32

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3b958ef98c547a0816e5c2019b22779689ffa961284b26717341ea952b038290

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:12 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 13:44:10 GMT
server: nginx
etag: W/"6ef1f3221456e32e8ed642ab92cfe793"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 7788 129 KB
34 KB 2652ms
556ms Script
application/javascript 212.77.98.32

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3b958ef98c547a0816e5c2019b22779689ffa961284b26717341ea952b038290

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:12 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 13:44:10 GMT
server: nginx
etag: W/"6ef1f3221456e32e8ed642ab92cfe793"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/fonts/ Frame 4440 25 KB
26 KB 17ms
17ms Font
application/octet-stream 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
Origin: https://dco-assets.everestads.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "13c34760c-6590-5db494f3c4a00"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26000
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:10 GMT

GET
H/1.1 200
OK M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2_atlas_1.png
dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/images/ Frame 4440 78 KB
79 KB 19ms
19ms Image
image/png 104.120.3.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/images/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2_atlas_1.png?1646338185999
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/z728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.120.3.184 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-120-3-184.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ef32bd6ecb28cf2cfa517ef0b4877f31cd396b6e12baed2141c551cd85f83615

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/7878/6/Bookings/M365_FY20Q4_SMB_USA_728x90_BAN_Bookings_English_NA_NA_ANI_BN_NA_2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:15:10 GMT
Last-Modified: Mon, 28 Mar 2022 15:53:12 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "13c34760d-138e3-5db494f3c4a00"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80099
Server: Apache
Expires: Sun, 17 Apr 2022 14:15:10 GMT

POST
H/1.1 204
No Content event.png
tpsc-sgc.doubleverify.com/ Frame 4BD1 0
295 B 94ms
93ms Ping
text/plain 69.174.120.29
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-sgc.doubleverify.com/event.png?impid=d4860823d5b64aed983b78820fa46374&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=11&ismms=31&isumms=30&isvelg=1&nvr=6&isgmmims=31&isgmv4mims=31&elmtp=6&isbxdms=2531&b0=100&b11=2537&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2637&sftb=2637&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1031&isuiabvms=1031&isgmpims=140&isgmv4dpims=1031&ispmxpms=1031&engalms=29&dvp_dpr=1&cbust=1650201310577329
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2576.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.174.120.29 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: te4-0.cr1.lax1.us.packetexchange.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:10 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 04/16/2022 13:15:10

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 4440 0
651 B 111ms
39ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=YlwS3QAABbAy4kJl&dcmadvertiserid|8404942$dcmcampaignid|25947223$dcmadid|498879351$dcmrenderingid|137678428$dcmsiteid|6958819$dcmplacementid|305934931$customer|Microsoft$dv360auctionid|
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22DDF83EE82D4A1FB7A03AA255F81A99 Ref B: TYBEDGE0308 Ref C: 2022-04-17T13:15:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=2080821974703768&bg=!KyilKGzNAAZvJBiFTyQ7ACkAdvg8Wn7PZ4HWQJNtXv_l8KXScVYTl7ln4aYWZfFpBJ2SZzZNQS8kawIAAAB3UgAAAAFoAQcKAJIb9Y-7ZV32ly9ewNJqC2wk6xQbEdnmPJHbHDP0Mz13JoxUqZeskouVgDzN7JgpxOP4R7cJRvmqMNh1ck9juo2CasN4qYcJOThFnu2sxpV9OhuhCl0TCoF3STcuwJZ0y6-NGpm7x9XWBYDn5LtiFzG-VNb4hImQgKBIu9p8oYPrfdsiGk_TNz8TrG8mTZ12Fq5mupkCnHz9Db4APc7yQujVChqvFk_2M7rzkJj3LW-wlJQRMhu5dTJuyJiP9la7LvgFCN6o5ECp8CAguCiy637V1zEHaEcRWwsOWA5iwNhMBdD7UDlntUd2K0tBJY3mMAkfELr9CVYIlp1lDhqYeT2mqI8Y53m-HZMrHeQ2zKb8xYU2hKylWcl6CP1csaRq3RAq7NEVI77bB2xTDtt4t5b6uXHYZd4z1ghIwi7nzfDJA_VllNW0_0QwbNCtD7srInrddYn53OMIgSzSprp6FMMtQRDb0QBdjMkWdkrDSe9rt98whiV5wLkssQx8xDkyzjLYGi6VxlN8ZWRTtuOgmzT7VPszVYLzKuH5qidupwrkX-1j5c03vL_3413MSXh5HzzccaSjI46RJnOE_W-EpFB15VRX_1PE8jccvwCtnPtiSHoLjQXLff7msj3e328A5k62vBU3qNIe4Hu3O9BwKYV-5PVJkykgXd4r8KExaQx9XnrXRRGnAXBvq9zJkcFCXDcyhxMtsgUkxXkEvjyUMuV_j1CRqXqbRCHfqy37mXlVlwZTU4T2ldBpbb5ikZ54fwogEK2kcqVPnUE2t57DEWZVr_sdJMVnlW8fgxYuPdSa0lzVKdbs0DzfDU_0JimGngRaoqU9zVwGN2ALhVkQ__aBs79mNLi4VvH-ELdxgB7piExHhPMc80ODTQFB6g0O2D0KAPuSLGO8kNNQm7BYB4xtahpiDDUJ8sP2qE8cKOfFPTvH9WdkyzoIh0pbyfzzmdmEHzSkbCRCjyDRbNjEotuSVAv3yLPpkHOlpX6GkowO83pWYj0ao4fIUcxzANy38Z211-7934kWKyTNH_UkXskoaajVeEL4MFXsE2Be03mq24MxHH8CHbiQqCpcGiu6i2X1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 73ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l23b940t&c=8687069880748&slotId=4343534940374&met.4=hvd_lc.l23b940u~hvd_ad.l23b940u~hvd_mad.l23b940u~hvd_admu.l23b940u~hvd_src.l23b940u&umsem=0&ps=724x409&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcss%252Fplayer86.css%253Fs%253D1643493341&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 74ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l23b94ls&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcss%252Fwebsites%252Foptad%252Fgeneral.css&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 76ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l23b94ls&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fjs%252Fadblock_notify.js%253Fs%253D1650201306&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 78ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l23b94ls&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fgpt_proxy.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 77ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~l23b94ls&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fima3.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 75ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~l23b94lt&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fjs%252Fplayer86.js%253Fs%253D1648655722&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 76ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~l23b94lt&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fimg%252Fblack.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 77ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~l23b94lu&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.google-analytics.com%252Fanalytics.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 78ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~l23b94lu&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fcore%252Fbridge3.510.1_pl.html%2523goog_230563199&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 78ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=b~l23b94lu&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Finstream%252Fvideo%252Fclient.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 78ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=c~l23b94lu&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdnt.onnetwork.tv%252Fposter%252F5%252F8%252F580084_1m.jpg&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 78ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=d~l23b94lv&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cnti.png%253Fts%253D1650201308%2526event%253Dplimpression%2526d%253D9074%2526vs%253D0%2526aps%253D4%2526playerVisible%253D0%2526mobile%253D0%2526acount%253D0&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 69ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=e~l23b94lv&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cntg.png%253Fts%253D1650201308%2526d%253D9074%2526wsc%253Dab%2526typ%253Dembed%2526mobile%253D0%2526c%253D23&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 69ms
36ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=f~l23b94lv&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cntd.png%253Fts%253D1650201308%2526mobile%253D0%2526plc%253D1%2526time%253D22%2526website%253D9074&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 72ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=g~l23b94lv&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.google-analytics.com%252Fj%252Fcollect%253Fv%253D1%2526_v%253Dj96%2526aip%253D1%2526a%253D1271601939%2526t%253Dpageview%2526_s%253D1%2526dl%253Dhttps%25253A%25252F%25252Fja.projectunderstood.com%25252F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10%2526dp%253D%25252Fab%25252Foptad_com%2526ul%253Den-us%2526de%253DUTF-8%2526dt%253DPlayer%2526sd%253D24-bit%2526sr%253D1600x1200%2526vp%253D725x409%2526je%253D0%2526_u%253DIGhAAEABAAAAAC~%2526jid%253D1739999927%2526gjid%253D1948967342%2526cid%253D2087097221.1650201308%2526tid%253DUA-135221353-1%2526_gid%253D1078868124.1650201308%2526_r%253D1%2526_slc%253D1%2526z%253D1058217958&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 69ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=h~l23b94lw&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fstats.g.doubleclick.net%252Fj%252Fcollect%253Ft%253Ddc%2526aip%253D1%2526_r%253D3%2526v%253D1%2526_v%253Dj96%2526tid%253DUA-135221353-1%2526cid%253D2087097221.1650201308%2526jid%253D1739999927%2526gjid%253D1948967342%2526_gid%253D1078868124.1650201308%2526_u%253DIGhAAEAAAAAAAC~%2526z%253D2078116560&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 69ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=i~l23b94lw&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cntm.png%253Fts%253D1650201308%2526i%253D580084%2526d%253D9074%2526wsc%253Dab%2526plist%253D0%2526widget%253D0%2526initap%253D4%2526currap%253D4%2526ab%253D0%2526cbs%253D1%2526co%253D0%2526vc%253D0%2526pod%253D0%2526ppos%253D0%2526muted%253D1%2526mobile%253D0%2526lls%253D0%2526typ%253Dembed%2526ap%253D4%2526vs%253D40&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 74ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=j~l23b94lw&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cnti.png%253Fts%253D1650201309%2526event%253Dplstarttry%2526d%253D9074%2526vs%253D0%2526aps%253D4%2526playerVisible%253D1%2526plist%253D0%2526widget%253D0%2526initap%253D4%2526currap%253D4%2526ab%253D0%2526cbs%253D1%2526co%253D0%2526vc%253D0%2526pod%253D0%2526ppos%253D0%2526muted%253D1%2526mobile%253D0%2526lls%253D0%2526acount%253D0&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 74ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=k~l23b94lx&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cnti.png%253Fts%253D1650201309%2526event%253Dadsearch%2526d%253D9074%2526vs%253D0%2526aps%253D4%2526playerVisible%253D1%2526plist%253D0%2526widget%253D0%2526initap%253D4%2526currap%253D4%2526ab%253D0%2526cbs%253D2%2526co%253D0%2526vc%253D0%2526pod%253D0%2526ppos%253D0%2526muted%253D1%2526mobile%253D0%2526lls%253D0%2526acount%253D0&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 74ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=l~l23b94lx&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cnti.png%253Fts%253D1650201310%2526event%253Dadloaded%2526d%253D9074%2526vs%253D1675%2526aps%253D4%2526playerVisible%253D1%2526plist%253D0%2526widget%253D0%2526initap%253D4%2526currap%253D4%2526ab%253D0%2526cbs%253D2%2526co%253D0%2526vc%253D1650201306130%2526pod%253D0%2526ppos%253D0%2526muted%253D1%2526mobile%253D0%2526lls%253D0%2526acount%253D0&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6259 0
17 B 75ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=m~l23b94lx&c=8687069880748&slotId=4343534940374&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fcdn.onnetwork.tv%252Fcnt%252Fa_cnti.png%253Fts%253D1650201310%2526event%253Dadstarttry%2526d%253D9074%2526vs%253D0%2526aps%253D4%2526playerVisible%253D1%2526plist%253D0%2526widget%253D0%2526initap%253D4%2526currap%253D4%2526ab%253D0%2526cbs%253D2%2526co%253D0%2526vc%253D0%2526pod%253D0%2526ppos%253D0%2526muted%253D1%2526mobile%253D0%2526lls%253D0%2526acount%253D0&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 40ms
40ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cxsfb3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBO4CT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoerjXl9-iBiPmPEMSpMYoGVUrE-xL-FaRo_zGOHVJ_68YI_GRWxbo5n1VSEwmOyVAt_XYV-jaMj-l859ouwATPkbrl5QPgBAGIBZOW-YY6kgUICAMQARgBUAGgBlSAB92d9d8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2sQmFgrVVNIDgroAKA5gLAcgLAdALDrgMAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=CNgibZXYKho&label=video_ad_loaded&acvw=&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAAplCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIdEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D95 41 KB
15 KB 9ms
9ms Script
text/javascript 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.510.1_pl.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 10:41:45 GMT

GET
H2 200 a_cntt.png
cdn.onnetwork.tv/cnt/ Frame 7D95 126 B
329 B 253ms
249ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntt.png?ts=16502013090&vmvp=0&i=580084&d=9074&vs=1675&vc=1650201306130&mobile=0&aps=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:11 GMT
last-modified: Sunday, 17-Apr-2022 13:15:11 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 7D95 0
0 46ms
44ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CZos83RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGgBlSAB92d9d8CqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDgpB2oCAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsBsBPyu_UOwhMGGIviiqAB2BMNiBQB2BQB0BUBqBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=iUDhFYUjnR4&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.510.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 B26126200.317139459;dc_trk_aid=509962873;dc_trk_cid=159943317;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIk5b5hjqoAouA8OACsALyx6MMQDsQl-e6AbVmOUpfbq9a-fUx4mKz0fc=;ord=23848...
ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/ Frame 7D95 42 B
63 B 86ms
50ms Image
image/gif 172.217.161.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N972952.279382BIDMANAGER_DFASITE/B26126200.317139459;dc_trk_aid=509962873;dc_trk_cid=159943317;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIk5b5hjqoAouA8OACsALyx6MMQDsQl-e6AbVmOUpfbq9a-fUx4mKz0fc=;ord=238485776;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=3648837895474371850;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIgr7m9pab9wIV1giWCh3R5wROEAEYASAAEgL1APD_BwE

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 47ms
41ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCzPA3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGIBZOW-YY6oAZUgAfdnfXfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=0hCibKtd8LM&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3115%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.11%26t%3D1650201310088&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAApoCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIgEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSI0GUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7D95 42 B
64 B 45ms
40ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkGBh5ue3QWksSpXV5I-zOhFuzzbSBv6ZH-RS5Pq4shycP1pfQjSAif4Ig3ymHqB-A-9-7HPtG_m-muV8g7Id6fq7FGHvvksdzVcdlfJ0e3uO7TNQ&sai=AMfl-YSnGk_2bajq0NA44Nd47aPD4qCGXOi7G_bzf-WemA2xwstN4lJJ3-_-YgfPOKQ7yV5aImS8OalbmV55h5QcUCDYu6atsG5aCDY4C7WEm9EkYiM17yhZrDtiZQg&sig=Cg0ArKJSzBkRWzu5Fn3rEAE&cid=CAASFeRo7fVDPJIpm5T8tRyzCGpLzMDbEg&id=lidarv&acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3117%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 7D95 42 B
64 B 43ms
37ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=3648837895474371850&acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3117%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7D95 42 B
494 B 87ms
41ms Image
image/gif 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D924%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3117%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 49ms
44ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCzPA3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGIBZOW-YY6oAZUgAfdnfXfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=0hCibKtd8LM&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3118%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAApoCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIgEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSI0GUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7D95 42 B
107 B 90ms
45ms Image
image/gif 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D924%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3118%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cnta.png
cdn.onnetwork.tv/cnt/ Frame 7D95 126 B
329 B 251ms
246ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnta.png?ts=16502013090&vmvp=0&s=580084&d=9074&vs=1675&vc=1650201306130&mobile=0&aps=4&pls=1&wsc=ab&playerVisible=1&acount=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:11 GMT
last-modified: Sunday, 17-Apr-2022 13:15:11 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D95 0
20 B 41ms
36ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.510.1&e=44725356%2C44750813%2C44750823%2C44758348%2C44761692&id=ima_html5&c=4016044067733254&domain=ja.projectunderstood.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 47ms
43ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCzPA3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGIBZOW-YY6oAZUgAfdnfXfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=0hCibKtd8LM&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=admute&ad_mt=0&acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,12,0,0%26mtos%3D0,0,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D12%26dfvs%3D0%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3122%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,12,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAApoCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIgEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSI0GUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,12,0,0%26mtos%3D0,0,12,12,12%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7D95 42 B
107 B 87ms
43ms Image
image/gif 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D924%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,12,0,0%26mtos%3D0,0,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D12%26dfvs%3D0%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,3,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3122%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,12,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cnta.png
cdn.onnetwork.tv/cnt/ Frame 7D95 126 B
329 B 251ms
247ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnta.png?ts=16502013090&vmvp=0&g=580084&d=9074&vs=1675&vc=1650201306130&mobile=0&aps=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:11 GMT
last-modified: Sunday, 17-Apr-2022 13:15:11 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 6259 2 B
22 B 36ms
35ms XHR
text/plain 2404:6800:4004:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1271601939&t=event&ni=0&_s=1&dl=https%3A%2F%2Fja.projectunderstood.com%2F744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=725x409&je=0&ec=%2Foptad_com%2F9074&ea=adstart&el=1675&ev=0&_u=KGnAAEABAAAAAC~&jid=817479415&gjid=1035479621&cid=2087097221.1650201308&tid=UA-210919371-9&_gid=1078868124.1650201308&_r=1&_slc=1&z=1272084641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.projectunderstood.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ja.projectunderstood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201311&event=adstart&d=9074&vs=1675&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=2&co=0&vc=1650201306130&pod=0&ppos=1&muted=1&mobile=0&lls=1&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:11 GMT
last-modified: Sunday, 17-Apr-2022 13:15:11 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntm.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1650201311&u=580084&d=9074&vnb=0&pls=0&abm=1&wsc=ab&typ=embed&playerVisible=1&mobile=0&vs=44
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:11 GMT
last-modified: Sunday, 17-Apr-2022 13:15:11 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 173ms
173ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31TZL,pingTime:1,time:2746,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1729%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1017,o:1729,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1724~0,0~100%5D,as:%5B1724~728.90%5D%7D%7D,%7Bsl:i,t:1729,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:273,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:10 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 175ms
175ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31TZM,pingTime:1,time:2747,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1729%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1018,o:1729,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1724~0,0~100%5D,as:%5B1724~728.90%5D%7D%7D,%7Bsl:i,t:1729,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:273,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:11 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 2507 23 KB
9 KB 6ms
4ms Document
text/html 2404:6800:4004:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 308517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 23:33:13 GMT
expires: Thu, 13 Apr 2023 23:33:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2507 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 372717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 05:43:13 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 1477ms
169ms Preflight
application/json 182.161.74.11

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=peSyxXxOdG03NGlWVzJuUGJvc3ovaDZad0tUQ3NYTmVFRTRSdEdLUW4yb2dIRmsvN05mdGNnV1JtMmtBaERyU1RhdEtzYmEwSUZMVnQ3US9aSjgrMGxXRHhpRk9hRVVYb3NjZTZ3MWpmQjhDNnNZYjhlZHlGblNMdTZxdCtiZG9Scy9HLzg1ckFaeWlXbnNSSmgxVzB3ajBFS3VzOHhlZTVXaERVV0trYVdFbGdxUUJ5S1ppODVGaDQ4UTFXUW12UzZJYjRQbVI0U2QvSUQ4M3FPY0h5eWUraGFxYmJIeFVQN0dFem9jdEVqVno3SFFCVHc4d0lYVytsZjVDcmtSQlZCYmZYfA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 17 Apr 2022 13:15:12 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 943
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2507 0
20 B 45ms
45ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.510.1&bgai=BZI7R3RJcYsLbE9aR2ATRz5PwBAAAAAA4AboFEwjju-T2lpv3AhVXJZYKHTcIDAE&bg=!GhmlGV3NAAZvJBiFTyQ7ACkAdvg8WonuwpgiBVZLXgIHAMq1GawuH5E31SeaE_95RIbfdBshioDSzgIAAABPUgAAAAJoAQcKADtbU2jeWQfK_sNwRjbW5dfSlVTur0wBSlSzIch4nZ_AqyIm7HUDOgZrwagKz0glbzIw-k9fwVo40Jc7hZkCdyVcU25saCJH1gYaFVCKR_U8S0SXEzgZMVlB9pkJDMo3_Aq49ES1FzX5I1Wv3zh6DhapXdtdLSTFoAGEsyhpaOJjsc-XxDb1VTSbIUlkaNolfmDXtHg_bQt0gE3cmH0jsKq4mfLduhVY0TXhGl9m2beY79Jh9NILPuz1Tq1yz-1msL2F05xA15X5nDDpq49zeMqMouRf9uo42yaOkCirIxNPnouLyZ7GhtTGkFU8owvrtfSXBRukt5AiQrjslENhpxNaUIpJ96iQ0X9kjiYonUW3Rz9pH7XIvVUPBY9PjyKQGY3gQsdGoIF0LAV6aUlCfq6sr71_GvMMjUk6qRBcdzv8DfcSa53a50uxPhvU7b506Fv3Fg9iY917S49zYzjRgwVEXRSUjhnF1bPPYiiYSUfvxnVhnMCbM-xQZwUlp8rE49pGKQJxudga4HD_K5xNKPQWaaLaz9TIv8EVUuTDfdeutlNB8_PeLbUlS7bw4Ppnacq42drd-k6KcCmDOMAnqM1v3eGWBnSL0CDa4oRxheco9gXjEjBvjUMRTGItDF7zKxvgHKUWmLhh6bJP-xzBdoWoVxAHkF_9DAEAnzvqFc-qqVIrtWM_v6WWBZ2F0vMlt-IDQQkAUWoQsngBd4nbvapqfQn6F1kOVCYET6AEJ4J4KgSleinVsr7tFAV_CsgdaiYjmrCRXq6bhEiYfLqfN5OKpe_22DvVyAvy3dd45qp9XSTgpohMwSyOjiz-Qs5spA1igzhTjp_2yBzmCMmXIfLQJaeXSFwFjzq_Wf9KH7wAK8r6KtPk9d1EYuvjD-d2yhwJb_nLQi7UCFRMClYom3PpSyzIaXg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 7D95 0
0 409ms
150ms Image
text/html 2607:f8b0:4023:1009::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44725356%2C44750813%2C44750823%2C44758348%2C44761692&el=adunit&cpn=RaB3defASwRYcuF1&docid=ATSJYos8moI&visitordata=Cgt6TWJKYjdyY0tVbw%253D%253D&ver=2&cmt=0.195&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fja.projectunderstood.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=100.0.4896.75&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1009::8a Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 032D 0
745 B 139ms
139ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:11 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 417b7225-3c8f-4f72-b1e3-31dbbd491245
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 21FE 0
745 B 98ms
97ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:11 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1dc8b592-dec9-4a7f-8f02-1005992e3bb2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 083C 0
745 B 100ms
100ms Script
text/html 103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:11 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 51455561-873c-4d13-8b5d-04a7c1a2ff3d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 a_cnta.png
cdn.onnetwork.tv/cnt/ Frame 7D95 126 B
329 B 247ms
246ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnta.png?ts=16502013090&vmvp=0&v=580084&d=9074&vs=1675&vc=1650201306130&mobile=0&aps=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:13 GMT
last-modified: Sunday, 17-Apr-2022 13:15:13 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7D95 42 B
64 B 44ms
43ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkGBh5ue3QWksSpXV5I-zOhFuzzbSBv6ZH-RS5Pq4shycP1pfQjSAif4Ig3ymHqB-A-9-7HPtG_m-muV8g7Id6fq7FGHvvksdzVcdlfJ0e3uO7TNQ&sai=AMfl-YSnGk_2bajq0NA44Nd47aPD4qCGXOi7G_bzf-WemA2xwstN4lJJ3-_-YgfPOKQ7yV5aImS8OalbmV55h5QcUCDYu6atsG5aCDY4C7WEm9EkYiM17yhZrDtiZQg&sig=Cg0ArKJSzBkRWzu5Fn3rEAE&cid=CAASFeRo7fVDPJIpm5T8tRyzCGpLzMDbEg&id=lidarv&acvw=sv%3D924%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,2019,0,0%26mtos%3D0,0,2019,2019,2019%26amtos%3D0,0,0,0,0%26mcvt%3D2019%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2019%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D420%26pst%3D414%26dur%3D15069%26vmtime%3D1945%26dtos%3D2019%26dtoss%3D1%26dvs%3D2007%26dfvs%3D0%26dvpt%3D2007%26is%3D275%26i0%3D275%26ic%3D1%26cs%3D4371%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D0,0,13,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26ptlt%3D5128%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2019,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.11%26t%3D1650201310088

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview_ext
pagead2.googlesyndication.com/ Frame 7D95 42 B
64 B 38ms
37ms Image
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=3648837895474371850&acvw=sv%3D924%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,2019,0,0%26mtos%3D0,0,2019,2019,2019%26amtos%3D0,0,0,0,0%26mcvt%3D2019%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2019%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D420%26pst%3D414%26dur%3D15069%26vmtime%3D1945%26dtos%3D2019%26dtoss%3D1%26dvs%3D2007%26dfvs%3D0%26dvpt%3D2007%26is%3D275%26i0%3D275%26ic%3D1%26cs%3D4371%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D0,0,13,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26ptlt%3D5128%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2019,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D924%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,2019,0,0%26mtos%3D0,0,2019,2019,2019...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7D95 42 B
63 B 77ms
41ms Image
image/gif 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D924%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,2019,0,0%26mtos%3D0,0,2019,2019,2019%26amtos%3D0,0,0,0,0%26mcvt%3D2019%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2019%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D420%26pst%3D414%26dur%3D15069%26vmtime%3D1945%26dtos%3D2019%26dtoss%3D1%26dvs%3D2007%26dfvs%3D0%26dvpt%3D2007%26is%3D275%26i0%3D275%26ic%3D1%26cs%3D4371%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D0,0,13,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26ptlt%3D5128%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2019,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cnti.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 247ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1650201313&event=adviewable&d=9074&vs=1675&aps=4&playerVisible=1&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=2&co=0&vc=1650201306130&pod=0&ppos=1&muted=1&mobile=0&lls=1&acount=0
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:13 GMT
last-modified: Sunday, 17-Apr-2022 13:15:13 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cnta.png Show response
cdn.onnetwork.tv/cnt/ Frame 6259 126 B
329 B 246ms
246ms Fetch
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/cnt/a_cnta.png?ts=1650201313&z=580084&d=9074&vs=1675&aps=4&playerVisible=1&mobile=0&wsc=ab&acount=0&typ=embed
Requested by: Host: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/744-w-s-a-d-and-arrow-keys-are-switched-in-windows-10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ja.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:13 GMT
last-modified: Sunday, 17-Apr-2022 13:15:13 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D95 42 B
64 B 313ms
312ms Image
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCzPA3RJcYsLbE9aR2ATRz5PwBJuTg9hpzP_3kNgPsJAfEAEg6pr8J2DZAqABi-KKoAHIAQXgAgCoAwGYBACqBOsCT9A_PIHrWr8I4DoAjf_RJRioFEe4sKOtbFkvqP4qOY6Rs_e16Xwy7PQeoy0NO8KROJkXUghbOBp5VlxTDd7GZd8map4obQ43AanxfQEfnpyBkMD7WfVp-kvsJHnf4mNcYVqCFRRgJlGWt9pNrSj8JJZChmG0hlIuL0yHSNiWRrIZLmuZvjJwMz7QI8ffsefE8aM7LfhFTOWasHaNKcWn4zsO9VsPc6jfzVJ83Px-a-T3LMb1rjUw_2ZA4gmQrxzd-VOWbbhhpyZqFkMtz5z1_7R7lUFrbTjrgaiOJN20j4ZrcDSRqdqpU-kp5jEKP9BkVdbmO0ztecFUKvFZaLowFpt6YaIUNLFOh-D7fKGComps4hgR1Gc82aJrMyW_Bsb31z0NA5caHk1xgBNWyiFeHeoe9jR_AnsTz2t0myCgkm4H5rL2TOqI12YaPdtAKXp2wt75VoRkcmD6iXtKptFUu5LNOmA54s8zc-DfwATPkbrl5QPgBAGIBZOW-YY6oAZUgAfdnfXfAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NoAKA8gLAbAT8rv1DtgTDYgUAdgUAdAVAagWAeIWAggB-BYBgBcB&sigh=0hCibKtd8LM&cmd=Ch1jYS12aWRlby1wdWItNTUxMjM5MDcwNTEzNzUwNxAAGAI&label=videoplaytime25&ad_mt=3947&acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,3992,0,0%26mtos%3D0,0,3992,3992,3992%26amtos%3D0,0,0,0,0%26mcvt%3D3992%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3992%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D821%26pst%3D414%26dur%3D15069%26vmtime%3D3946%26dtos%3D1973%26dtoss%3D2%26dvs%3D1973%26dfvs%3D0%26dvpt%3D1973%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26qmt%3D0,0,3992,3992,3992%26qnc%3D0.73%26qmv%3D0%26qnv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D0,0,23,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D0%26psa%3D0%26ptlt%3D7101%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3992,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.11%26t%3D1650201310088&sdkv=h.3.510.1&vci=CiMIAhoMb25uZXR3b3JrLnR2IAQqDTE2NTAyMDEzMDYxMzBAAApoCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1MzkwNTM5MTYxMDgyDDU3MzE5OTM5NjY4OEDpAlIgEA8lAACgQSgBOgd1bmtub3duQgd1bmtub3duSI0GUAAYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,3992,0,0%26mtos%3D0,0,3992,3992,3992...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7D95 42 B
63 B 313ms
312ms Image
image/gif 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=3648837895474371850;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D924%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D901,260,1310,984%26tos%3D0,0,3992,0,0%26mtos%3D0,0,3992,3992,3992%26amtos%3D0,0,0,0,0%26mcvt%3D3992%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3992%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D821%26pst%3D414%26dur%3D15069%26vmtime%3D3946%26dtos%3D1973%26dtoss%3D2%26dvs%3D1973%26dfvs%3D0%26dvpt%3D1973%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D0.73%26mc%3D0.73%26nc%3D0.73%26mv%3D0%26nv%3D0%26qmt%3D0,0,3992,3992,3992%26qnc%3D0.73%26qmv%3D0%26qnv%3D0%26lte%3D0.73%26ces%26femt%3D1939%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D0,0,23,0,0%26avms%3Dexc%26qi%3D153001763%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D0%26psa%3D0%26ptlt%3D7101%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3992,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.11%26t%3D1650201310088?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 13:15:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a_cnta.png
cdn.onnetwork.tv/cnt/ Frame 7D95 126 B
329 B 313ms
313ms Image
image/png 178.33.50.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnta.png?ts=16502013090&vmvp=0&f=580084&d=9074&vs=1675&vc=1650201306130&mobile=0&aps=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.33.50.233 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w18.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:15:14 GMT
last-modified: Sunday, 17-Apr-2022 13:15:14 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 290ms
290ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31V20,pingTime:5,time:6729,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1729%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:1729,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1724~0,0~100%5D,as:%5B1724~728.90%5D%7D%7D,%7Bsl:i,t:1729,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:14 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame CCD9 43 B
301 B 360ms
360ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=743429&asId=de7f8326-d6f9-ab17-4ace-efa252cdeb28&tv=%7Bc:a31V3C,pingTime:5,time:6829,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1729%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5100,o:1729,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1724~0,0~100%5D,as:%5B1724~728.90%5D%7D%7D,%7Bsl:i,t:1729,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5101~100%5D,as:%5B5101~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:176,fm:t3gEw3B+11%7C12%7C131%7C132%7C133%7C134%7C135%7C141%7C1421%7C151%7C152%7C153%7C161%7C17*.743429-55636121%7C171%7C172,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 13:15:15 GMT
X-Server-Name: dt42.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ja.projectunderstood.com
URL: https://ja.projectunderstood.com/Wlylbgju.js

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.3&pbver=6.8.0&inver=0

Domain: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.3&pbver=6.8.0&inver=0

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=peSyxXxOdG03NGlWVzJuUGJvc3ovaDZad0tUQ3NYTmVFRTRSdEdLUW4yb2dIRmsvN05mdGNnV1JtMmtBaERyU1RhdEtzYmEwSUZMVnQ3US9aSjgrMGxXRHhpRk9hRVVYb3NjZTZ3MWpmQjhDNnNZYjhlZHlGblNMdTZxdCtiZG9Scy9HLzg1ckFaeWlXbnNSSmgxVzB3ajBFS3VzOHhlZTVXaERVV0trYVdFbGdxUUJ5S1ppODVGaDQ4UTFXUW12UzZJYjRQbVI0U2QvSUQ4M3FPY0h5eWUraGFxYmJIeFVQN0dFem9jdEVqVno3SFFCVHc4d0lYVytsZjVDcmtSQlZCYmZYfA&cppv=2

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.net17.biz/	1970-01-20 03:06:33	Name: uuid Value: 7ec951b1-e8f3-44b4-a6bb-ce8b87b8f71e
.yadro.ru/	1970-01-20 11:07:58	Name: FTID Value: 1YN1BP2hPQeI1YN1BP001MXG
.projectunderstood.com/	1970-01-20 11:08:57	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTgwMzdhOWEtMTZhOC02MjkwLWEyZjgtNjQ5N2JkNGNmZTQ0IiwiY3JlYXRlZCI6IjIwMjItMDQtMTdUMTM6MTU6MDUuNDg4WiIsInVwZGF0ZWQiOiIyMDIyLTA0LTE3VDEzOjE1OjA1LjQ4OFoiLCJ2ZXJzaW9uIjpudWxsfQ==
.doubleclick.net/	1970-01-20 19:54:33	Name: IDE Value: AHWqTUkKnfXRp1vi89TJbM5dmHeyioA8U2URkLs4a-HXiJ6mVimTIqzf0i2Pvc6HEA0
.yadro.ru/	1970-01-20 11:07:58	Name: VID Value: 0_OaMM0mcpeI1YN1BP001CX4
.casalemedia.com/	1970-01-20 11:08:57	Name: CMID Value: YlwS2R1OnrNJwzddQpEKZQAA
.casalemedia.com/	1970-01-20 04:32:57	Name: CMPS Value: 851
ja.projectunderstood.com/	1970-01-20 03:06:33	Name: _pbjs_userid_consent_data Value: 6683316680106290
.projectunderstood.com/	1970-01-20 11:08:57	Name: _sharedID Value: 9fe9e6df-947b-49dc-b21c-abe60ebbf68c
.casalemedia.com/	1970-01-20 04:32:57	Name: CMPRO Value: 838
.casalemedia.com/	1970-01-20 02:24:47	Name: CMST Value: YlwS2mJcEtoA
.casalemedia.com/	1970-01-20 11:08:57	Name: CMRUM3 Value: 2d625c12da2760CAESELdi9Rhu5R4SqeajUvCXmXA
.adnxs.com/	1970-01-20 04:32:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVLtVnz(!]tbPl1M>e)ZlrFUfJ+tGXxoD^]d_G?5'K5AEJIK?W8ovD:6`e`dX$E.##9f3If)y3KL9D3I?+NZEDac
.adnxs.com/	1970-01-20 04:32:57	Name: uuid2 Value: 3252830804611333287
.adnxs.com/	1970-01-20 04:32:57	Name: icu Value: ChgInuRhEAoYAiACKAIw2qXwkgY4AkACSAIQ2qXwkgYYAQ..
.teads.tv/	1970-01-20 11:07:30	Name: tt_viewer Value: 826f2dcb-6092-4d69-aae6-8e1ff2b59e3b
.openx.net/	1970-01-20 11:08:57	Name: i Value: 90808850-0cd5-4c5d-a387-de420516eb00\|1650201307
.projectunderstood.com/	1970-01-20 11:44:57	Name: __gads Value: ID=1b4e733874eb5566:T=1650201305:S=ALNI_MbaRjRnlQpxUwOYnpzG-IgNvmV_Mg
.projectunderstood.com/	1970-01-20 11:44:57	Name: __gpi Value: UID=000004e335354c12:T=1650201305:RT=1650201305:S=ALNI_MZER4qFENINRFOUjqK2BcM-wmMONA
.krxd.net/	1970-01-20 06:42:33	Name: _kuid_ Value: OyKtzEkE
.turn.com/	1970-01-20 06:42:33	Name: uid Value: 3650225182335709258
.projectunderstood.com/	1970-01-20 19:54:33	Name: _ga Value: GA1.2.2087097221.1650201308
.projectunderstood.com/	1970-01-20 02:24:47	Name: _gid Value: GA1.2.1078868124.1650201308
.projectunderstood.com/	1970-01-20 02:23:21	Name: _gat_onn_tracker Value: 1
.ja.projectunderstood.com/	1970-01-20 19:54:33	Name: _ga Value: GA1.3.2087097221.1650201308
.ja.projectunderstood.com/	1970-01-20 02:24:47	Name: _gid Value: GA1.3.1078868124.1650201308
.everesttech.net/	1970-01-20 19:54:33	Name: everest_g_v2 Value: g_surferid~YlwS3AABZmYVhyVM
.adsrvr.org/	1970-01-20 11:08:57	Name: TDID Value: 558ef846-4aba-48ce-80cd-c34601ca502c
ja.projectunderstood.com/	1970-01-20 11:08:57	Name: unifiedid Value: %7B%22TDID%22%3A%22558ef846-4aba-48ce-80cd-c34601ca502c%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-17T13%3A15%3A10%22%7D
.microsoft.com/	1970-01-20 11:08:57	Name: MC1 Value: GUID=5567660ba3b446c2a269ef0c55a49ac6&HASH=5567&LV=202204&V=4&LU=1650201310845
.microsoft.com/	1970-01-20 11:44:57	Name: MUID Value: 39BF5D97E969650A22924C1EED696393
.analyticspixel.microsoft.com/	1970-01-20 02:33:26	Name: MR Value: 0
.ja.projectunderstood.com/	1970-01-20 02:23:21	Name: _gat_devel_atracker Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://video.onnetwork.tv/embed.php?ext=optad(Line 740) Message: Unrecognized feature: 'xr'.
other	warning	URL: https://video.onnetwork.tv/embed.php?ext=optad(Line 740) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
ads.everesttech.net
adservice.google.co.jp
adservice.google.com
adx.adform.net
analyticspixel.microsoft.com
b94b175c4e57641e2d54b10af72afdea.safeframe.googlesyndication.com
beacon.krxd.net
bid.g.doubleclick.net
cdn.ampproject.org
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.onnetwork.tv
cdn.zx-adnet.com
cdnjs.cloudflare.com
cdnt.onnetwork.tv
cm.g.doubleclick.net
cmp-as-tm.everesttech.net
code.createjs.com
consumer.krxd.net
counter.yadro.ru
csi.gstatic.com
d.turn.com
d7079319626924959602-t3650225182335709258.id.amgdgt.com
dco-assets.everestads.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geolocation.onetrust.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
imasdk.googleapis.com
ja.projectunderstood.com
match.adsrvr.org
mug.criteo.com
net17.biz
onetag-sys.com
pagead2.googlesyndication.com
partners.tremorhub.com
prebid-eu.creativecdn.com
prebid.a-mo.net
projectunderstood.com
pubads.g.doubleclick.net
rr4---sn-oguesn6s.googlevideo.com
rtb0.doubleverify.com
rtbc-sgc.doubleverify.com
s.youtube.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
site2text-2021.web.app
ssp.wp.pl
static.adsafeprotected.com
stats.g.doubleclick.net
statsf-tm.everesttech.net
std.wpcdn.pl
storage.googleapis.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-sgc.doubleverify.com
uploads.projectunderstood.com
us-u.openx.net
video.onnetwork.tv
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
adx.adform.net
ja.projectunderstood.com
mug.criteo.com
ssp.wp.pl
103.43.90.19
104.120.3.184
104.244.36.20
142.251.42.162
142.251.42.194
147.75.38.124
151.101.194.49
151.101.65.195
151.101.66.133
172.217.161.38
172.217.175.226
172.217.175.98
178.33.50.233
18.136.247.49
182.161.74.11
185.184.8.90
188.166.135.13
2001:4860:4802:32::3
2001:df2:a300:bbbb::136
204.79.197.204
212.77.98.32
212.77.99.29
23.206.252.252
23.44.52.227
23.44.53.47
2404:6800:4004:24::9
2404:6800:4004:801::2001
2404:6800:4004:801::2002
2404:6800:4004:808::2001
2404:6800:4004:80c::2010
2404:6800:4004:810::2004
2404:6800:4004:813::2002
2404:6800:4004:81d::2002
2404:6800:4004:821::2002
2404:6800:4004:821::200a
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:823::200e
2404:6800:4004:825::2003
2404:6800:4004:826::200a
2404:6800:4008:c01::9c
2404:6800:400a:804::2001
2404:6800:400a:80e::2006
2406:2600:4::b
2600:140b:400:180::4469
2600:140b:4::1732:8179
2600:1f18:612b:4216:25d9:1223:9f5d:e330
2600:9000:221a:ca00:11:a4de:2580:93a1
2600:9000:2363:9800:8:48e:53c0:93a1
2606:4700:10::6814:b844
2606:4700:20::681a:8a9
2606:4700:3031::6815:3e65
2606:4700::6810:5614
2606:4700::6811:180e
2607:f8b0:4023:1009::8a
2620:0:890::100
3.33.220.150
34.98.64.218
37.157.4.28
44.228.154.252
5.196.106.241
50.116.239.150
51.79.234.100
54.65.22.229
54.69.75.135
64.233.189.156
69.174.120.29
88.212.201.198
013ae65ce1b6a62bb74e8f9acb6674ac100a5477cccf4c02d8d08ff81f130db8
01f6149123a63544bc6137a864cb3aaf6e448757f62f89c160c50e6f7026e6bb
02e390f500bf5776b062eef6a874e7b6380e46003d34c369ac0246e74900fc78
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
077f1a8a9da5dcbc4e3a92c0e69685c48245d06a771bea49562e42ab15e079b0
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131cf2c1b0214a0b495616b015e8c282b9dcb87578387a298dc0e1397b4557ee
13780742f544d5d136da716398121d110a8f4b0cb7c8cd35b4d22bfe95ed2f91
1389cd87bf26d7bc2b3c88abf5f9e8055624fca01dd40aa59601fa26ead3639c
1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2140806c6263b5b322eaba870045087b1d5b14c5ac188704d24ac4a77daa4e56
220de3c970e23fe080c44f049f4c8bcfc81d53d81456396602eb2e7a5c0a1422
22e0ec8b5b17f1c23195bd7f81b8f7eb193ccdc751b663f46dcbf216c992e125
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
251442df8a82e08bba7c62f7f42567fc2c12b9ec729c361ff713844d91188cb3
2642225e558d3d8b62943afefe8a0100d1be4eb3433cf25b062b710d41e5df6b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c
34db9d642bf98c0780595b19851624dc0ad8bf94394265877f623fee6259fc63
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3904bde8e73483a01d0a2bc3d8bac5252ec01e0379947f86b3e7f8481f338add
39527c797f09b7443e870f1aa5317681df07a7f564a9dab29ab854a3eaca4607
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b958ef98c547a0816e5c2019b22779689ffa961284b26717341ea952b038290
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c197aed4b4952c61d48852a91b32d10a1786e706a5bf6e02cbcc8eaf0f47313
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630
404729f9964f837770ca79eb3f2bb36453c9f66c74245a02d845b433adf1baae
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ae6e5775130b64d110001cf19fb259b3ae69290b8f78f90e6e976bbde293759
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512a78c67ccac30dfe6aafad02ac67856f40640c03afa0a88b79c4db210aac12
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fd23717a71e51718d8348d519dd7e8a91e386713ee5d7bccf13ffd08170e05
5c38077f83c98466a612085a7051a4325283b7f951a0b728943fb5ee540271c9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4e28fa9b98ebce5d761561a965dca96534443e1483f293605294e4ebba19e7
5c7d7c651efabfdcce87a8fec34efbafc99924e3c83c8412f954219cddafa458
5fb10bb14f534771b74ab480a0543129924bf694aace8f27824999a6ac575a9b
60d3b0d8ced9e24b838db560f1cf699d4344b568d322d818c0737b4fb628b712
60e06dfc2f3b55c5524137bf065e351d41c821f63749aff3b99a450e750cc6b6
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
63cb6c6ffa093eb3ea1d3ab89a780a4dbd2516722b9a0940bb340b1e249e71a9
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66d43b103ba75ab7e829c4c7b4eb129f51c64fc268ce3b3d753458daae5b622b
6a10ef40cbc7c51762bc04579aacd822f725df1a67d1787a0f226145954a56f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
71a526dea886a1fc90df8ed2b76f4e5460af2d916f74ccd6686ebb378c0115e4
72bb86f9d70dea643495bfa290f04d801db4624dede7bb10fd41bc5f19b55acb
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
770818784f879d5aada1d0e06fac18fab7051ed6d534fdb19ad86bba2eb30ccd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b2d26ed48767803c5413e110d6cc54ccbf04f4d757cc6c5c41723fd308640f6
7b5fdb4148956c8a53cabb926d87d2e55863ed4e921eb2f5137ef84d759a2e16
7b9f6c3e0e65e7f2462bea66f011f7c7d024ad96c1c01595df7a26bdd561f2fc
7d988696e4a36e0ce7af2d5b5d6b5a08c7aab35f718cdb596d76cba61bfaad6e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
889977a32d27573ab13f41a4a17cd2818b6865531afcd5ca9fa243eeb2e73631
899d5dc48670706e3074770963bf53239d01b4e9262156404ad538c10cdc1a23
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8afb93d91e5f1508a0f6ea14a8891a5add045a8f69080e5881ebbad3fd5e053c
8b3ca6b0bc3bc0396cc901c153b24f2a82ffd935b0c989c1cff0b92917ecb474
8b8b037fd7a123e9c1ed058b687fa3c21e93048b890313b2c8ba4989ff2f47fe
8bcacb9fb842a6943954e91b57907f9eb6d96f7a6e947f7d3ed4d3c11eb5fa95
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d6f833c1893ce901fdf052045dc767951a707403fc2b2285de5de7fe4f4e0dc
8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6
900a50da617d9c7eb1958addbfdfd14292d419eca86faaef62a54167a2c256cb
916d97c6c7a80dd0aca4cfdf51955415708603b68fbe9f6af293a17476953ff6
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
92cbeeb17bab2443f2f9d254e549d7c31ea3bad605e66842cf1545f5a65a91a9
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05
9809085b9cca779ef02ad8dee06b80d1708ef1f09b5f00939b03e97e1669f53b
98f790ebde5f4783aca23310b1e48b7fcf96b10a86abc583a36113294bfeef81
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d7cd7f9e1951cabf780b0e5d5bdbe15f69c596ca7e899529a37593faada09d7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a3da958535a6188b8270a226a4602561a9e6bcc0fe31a5b7ce735b84de07226a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab9499e8996279b5c88e01eff06ebcc9242dd4e01f4b29bbdb565252aa112d45
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad79549048b47ff386151ed89ebe09b8a2156a0cb235b93d46ca8a0da323f5d6
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
ae8b4d7614935d2a950ea3ce9f770e3b4f96c509d8475d31edf0d8a5d25152bb
ae926e80b736bec7e0f2f134726cae528edab546cdf843c466cbf7d25f9839ff
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af35e2cd67ed585f7d12b4b001e933defc926a1d7437b9b2ed7d7a3bddea93c4
af8552f8f89335283643dba9dabc3d9827c15c4635a2eb9a3041d0ee0329a115
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14f451d81f127578d512fd5297d844c1bf2657bd04a53cb9559b1e7a592b3fc
b716981df17d43bef46a03ca1ea6a53c737b208f872498bea8a0fceaed077a2f
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
c21222904362990f47c97e01a9850dbc4f74baa9b9516367767aaabf73b75c54
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1cd4562344c03eee9b9d76442a97481e9c5adadffbd041d408c57e4b7af92ee
d2003f670349710b69a3657fe62f5b0eb7668897fb49c0050f2a0f39d3bc5c44
d5164e2608ea6ad663e10f6b75a014ce2f9b01cec36057ee9ad93842528032c0
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
db21c850ee95e413a7ad251e2093448e1c0ba4caf43f4dc32e9905511beb3aa1
db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645
dcebbde3a49e2c0d3adb320d8cf924157259f93a5620d2b3ab13c7ac43d222f6
dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8
e20b08b2e91591365ef36d26feef47c5e0b555fee4579a4b7bbd5605147e1064
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e33e3b41c4e06825b6b7dd549cb94f3d03e1d89c22b84bd10cee46aef0f1bf44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db21888e5a0a6181fc003441d73eb2a86c4e3309b588015dc7efc3d0c69827
e3fd0bd77b89c9e7157ed89c4d81bfe4fa9cc69e8f4f58243c8d639a13084f3e
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3
e8bcf3d2ba10feef9912426155ea22f480c44fda69c84471f02aea478099f4fd
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c945ab084669e2c40b8331fb01a5ba71b1eb911f561eba726670345ce10392
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef18b8baf54ac8387dfbb30dfced82931e45584151c5d0b6e005aa3a542e7952
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef32bd6ecb28cf2cfa517ef0b4877f31cd396b6e12baed2141c551cd85f83615
f19a9974de1590b92a1faa3d44e98219e9c4888b20efc59bf51bd557f21a47dc
f8816e8e5dd490622a612a4e8325e9f6d91f3efbdcf5a97d985d8ba3a3121184
fcf177cbbaaa5b5caebd057dbe318be96b511e76ff82b983f2fdc907607224f5
fdd878d75a0669046048016fb681ca4ec61bf98bfcece4164b0ce9ad5313f1ac
fec591f247e2ff06efc12644e3401ae42e5061c229b9cb5b8556c9ef99123c07
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

ja.projectunderstood.com Open in urlscan Pro 2606:4700:3031::6815:3e65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

339 Requests

94 %HTTPS

49 %IPv6

45 Domains

76 Subdomains

68 IPs

10 Countries

5632 kBTransfer

12044 kBSize

33 Cookies

45 Outgoing links

Redirected requests

339 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.projectunderstood.com Open in urlscan Pro
2606:4700:3031::6815:3e65 Public Scan

Screenshot
Live screenshot

Full Image

339
Requests

94 %
HTTPS

49 %
IPv6

45
Domains

76
Subdomains

68
IPs

10
Countries

5632 kB
Transfer

12044 kB
Size

33
Cookies

339 HTTP transactions
8 data transactions