tr.projectunderstood.com Open in urlscan Pro
2606:4700:3034::ac43:ded3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tr.projectunderstood.com/
Effective URL:
https://tr.projectunderstood.com/
Submission: On December 02 via api (December 2nd 2023, 5:41:22 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 27 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3034::ac43:ded3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.projectunderstood.com.
TLS certificate: Issued by GTS CA 1P5 on November 23rd 2023. Valid for: 3 months.

This is the only time tr.projectunderstood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:303... 2606:4700:3031::6815:3e65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3034::ac43:ded3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:55ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:3000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
7	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:2600:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:244... 2600:9000:2447:ec00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	18.239.18.33 18.239.18.33	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	54.170.64.73 54.170.64.73	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 2	54.76.149.61 54.76.149.61	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:230... 2600:9000:2304:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2600:1f13:800... 2600:1f13:800:7782:a96c:a327:c5b:2536	16509 (AMAZON-02) (AMAZON-02)
128	40

5 2606:4700:3031::6815:3e65 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tr.projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::ac43:ded3 (United States)

ASN13335 (CLOUDFLARENET, US)

tr.projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
projectunderstood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:55ef (United States)

ASN13335 (CLOUDFLARENET, US)

ds1.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:3000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:2600:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2447:ec00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.64.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.149.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-149-61.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2304:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:a96c:a327:c5b:2536 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	222 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	302 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	188 KB
14	projectunderstood.com 1 redirects tr.projectunderstood.com projectunderstood.com	161 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	173 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	48 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	670 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 12199	1 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 39286	212 KB
1	doubleverify.com tps.doubleverify.com — Cisco Umbrella Rank: 505	162 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	572 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 61231	3 KB
1	ds1.biz ds1.biz	8 KB
128	27

	Domain	Requested by
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net tr.projectunderstood.com www.googletagservices.com
16	tpc.googlesyndication.com	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com tr.projectunderstood.com
14	s0.2mdn.net	tr.projectunderstood.com s0.2mdn.net dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
12	projectunderstood.com	tr.projectunderstood.com projectunderstood.com
7	dt.adsafeprotected.com	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net tr.projectunderstood.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com pagead2.googlesyndication.com tr.projectunderstood.com
3	static.adsafeprotected.com	fw.adsafeprotected.com dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
3	www.gstatic.com	tr.projectunderstood.com dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
3	fonts.googleapis.com	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com tr.projectunderstood.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	tr.projectunderstood.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fw.adsafeprotected.com	1 redirects tr.projectunderstood.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com tr.projectunderstood.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	cdn.jsdelivr.net	get.optad360.io securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects tr.projectunderstood.com
2	get.optad360.io	tr.projectunderstood.com get.optad360.io
2	tr.projectunderstood.com	1 redirects
1	tps.doubleverify.com	tr.projectunderstood.com
1	tags.bluekai.com	dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	tr.projectunderstood.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.optad360.net	tr.projectunderstood.com
1	ds1.biz	tr.projectunderstood.com
128	40

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
projectunderstood.com
th.projectunderstood.com
id.projectunderstood.com
ja.projectunderstood.com
ko.projectunderstood.com
ar.projectunderstood.com
it.projectunderstood.com
bg.projectunderstood.com
ru.projectunderstood.com
uk.projectunderstood.com
ro.projectunderstood.com
de.projectunderstood.com
fr.projectunderstood.com
pl.projectunderstood.com
sv.projectunderstood.com
es.projectunderstood.com
nl.projectunderstood.com
hr.projectunderstood.com
iw.projectunderstood.com
hu.projectunderstood.com
da.projectunderstood.com
sk.projectunderstood.com
no.projectunderstood.com
sl.projectunderstood.com
el.projectunderstood.com
cs.projectunderstood.com
fi.projectunderstood.com
lt.projectunderstood.com
lv.projectunderstood.com
et.projectunderstood.com
pt.projectunderstood.com
vi.projectunderstood.com
sr.projectunderstood.com
en.projectunderstood.com
bn.projectunderstood.com
ca.projectunderstood.com
hi.projectunderstood.com
ta.projectunderstood.com
te.projectunderstood.com
tl.projectunderstood.com
ur.projectunderstood.com
zh-cn.projectunderstood.com

Subject Issuer	Validity	Valid
projectunderstood.com GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
ds1.biz GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://tr.projectunderstood.com/
Frame ID: B302B6A66EB3F55FC1E11D80B71915C5
Requests: 39 HTTP requests in this frame

Frame: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B9A949CECEB9DBA23E113ADF22AC9370
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.projectunderstood.com
Frame ID: DB2F70B0A3CC57D31C934C783DEBF625
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B93845B7E38155812AE82617DF2BD55A
Requests: 1 HTTP requests in this frame

Frame: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8443EAD3EF5FC5639A16D2E405CF7DAE
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGI6Itv8BMAE&v=APEucNX0o1L2xPDxwyXr2ecSvWpZNlCp9AtwjM44KcIIUTPogMSJL4tMoM1pL4FX2DySk9ZGSfHMXbQL8hzS5D2kp01LMlTTU53rj0z5wBi8dAr7UPxkAFMzFNswyrHwSAvx6QAF96DQ50hCPpHkZf1NNVWbKE-41zXmT80YJ-Saxff2D6UbZk0p_xDBomB0BYGvNNBJjixNoVsy2r8sgy4BG3psfytTwg
Frame ID: 80BB9A93BBA85C627C7690ED5CAF5F99
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DE88D924B37E7FB9D004EFF61DFBB32
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98A1216A062B0E1BFEDCAEA4372D78ED
Requests: 2 HTTP requests in this frame

Frame: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5423073F8E578854644674E146D635F2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3DEB23350C790B2DD18433897EC4B325
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8F63B5FA0F0A5BAB78CA675EAA4439E8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 59755F37911EDD8C32FE4F107D1DCB89
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 744838E25F769FF6146D34F7C24960FA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: BFEF4316F34A5A92F3D2527475D389EA
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
Frame ID: 2FD334721A841295997D7E968F5ADD4E
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4B793780C25342733B37B959FFABA727
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OS, Windows kullanma yönergeleri

Page URL History Show full URLs

http://tr.projectunderstood.com/ HTTP 301
https://tr.projectunderstood.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

128
Requests

94 %
HTTPS

62 %
IPv6

27
Domains

40
Subdomains

40
IPs

6
Countries

1638 kB
Transfer

4479 kB
Size

24
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=tr.projectunderstood.com

Search URL Search Domain Scan URL

URL: https://projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://th.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://id.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ja.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ko.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ar.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://it.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://bg.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ru.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://uk.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ro.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://de.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://fr.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://pl.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://sv.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://es.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://nl.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://hr.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://iw.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://hu.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://da.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://sk.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://no.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://sl.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://el.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://cs.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://fi.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://lt.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://lv.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://et.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://pt.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://vi.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://sr.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://en.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://bn.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ca.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://hi.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ta.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://te.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://tl.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://ur.projectunderstood.com/

Search URL Search Domain Scan URL

URL: https://zh-cn.projectunderstood.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tr.projectunderstood.com/ HTTP 301
https://tr.projectunderstood.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411

Request Chain 34

https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp&cc=1

Request Chain 37

https://gum.criteo.com/sid/json?origin=publishertagids&domain=projectunderstood.com&sn=ChromeSyncframe&so=0&topUrl=tr.projectunderstood.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=JjjX_nxrenpnd0FHSG95bTdZTUNnSEZ6UHFhWHV1OEpyU0pyUThuaUNVb2d5NmtyandvTDhFKzh4NzFmcDdpTEdINWVCU2xEd1EyOTVRSDJ5M2VrVnFiZUsza3BMNHhvbVROUXhydC9NWVo5ZFZzbTJDSHZHMkVROXdQbWpDSzRocGo4Z2ZkSGw4eGw3YWdRb1l1RGtOek5oU2JWczkzSnNNRmh6MkI3dUkwYnVOQi83Z3ZRaHBYSjVTK3dKSGJyZS9OcGd6Nk5pZWt4WUpDMGtjT1hBL2xRRzRHL0xhMk4rbGl1WnllR3pDaS84SGxuZjVpdlROdVBBNkVWOUtPUGZMMFJzOUlSTExnUHdqZHNXRGRuREFucFEzTjMySzlOQmRtNE5XWlpVMFJ1SlZTRT18&cppv=2

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1

Request Chain 52

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWtsPZ3to2PWzmkKGuUQcwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELd4XTN5do5vnKNbU9cljDU&google_cver=1

Request Chain 54

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE4ODAwMzEyMTQzMzU5NzMyNw%3D%3D

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://fw.adsafeprotected.com/rfw/st/1854208/76774455/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014933263&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=20808097378&bidurl=https://tr.projectunderstood.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iMfQsf5mCqjt-nSsbfJ1VY&adsafe_url=https%3A%2F%2Ftr.projectunderstood.com&adsafe_type=y&adsafe_url=https%3A%2F%2Ftr.projectunderstood.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:67e4a3fc-8be4-4fa8-b0c0-e36ab478591d,c:vFmmSh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-72kzh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:277,mot:0,app:0,maw:0,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:289,oid:ffaa53ce-9139-11ee-b7ca-825929032a41,v:19.8.461,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

128 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tr.projectunderstood.com/
Redirect Chain

http://tr.projectunderstood.com/
https://tr.projectunderstood.com/

27 KB
5 KB

169ms
95ms

Document
text/html

2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.5
Resource Hash: 0c134dba842b45b5f70eb86f2504bec4beb54b274ce6073e3be3c815b011ede0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f55c15bb2d0b84-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:41:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dsHhvlIbGVJarB8qX9b42GLwOJ9dQuA14nuae5WWutoPY%2BWRhbMbU3iZYm%2BZBdBBqS8SGoTPWrc7FmFiQ4yA1KnJSP2PEUy47FPq6gHS6mgcPDbGksu7iKeBWlCS7fORJrSodCpQSk9A5HwUHB125YqMKbuG3E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.5

Redirect headers

CF-RAY: 82f55c1509258ff5-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 02 Dec 2023 17:41:15 GMT
Expires: Sat, 02 Dec 2023 18:41:15 GMT
Location: https://tr.projectunderstood.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2JMy0I1U8J%2Ffu76msqHsYuQaMDWrNTwPBCm5mLq%2FpM8rFiL072jMQNM%2FHGEAiRDGejbAmPHnRUMyadQ%2Fa1EZP%2Bi8uXHoJSNZEEtwllBvT73I%2Fhl%2B%2BnAQ5RMWXZNNq76rAoFgnVHs%2F290vnHdglhlAB0TvjX4ws%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
ds1.biz/ 19 KB
8 KB 178ms
74ms Script
application/javascript 2606:4700:3037::6815:55ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ds1.biz/?te=hbsggmjrge5ha3ddf4ztkobw

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:55ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

908653e565065624258af55804140c34816635950acf4fd4d4b640701ff774dc

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
strict-transport-security: max-age=31536000
content-encoding: br
content-security-policy: img-src https: data:; upgrade-insecure-requests
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRCGpLcMjYEWwmPIV9QSGq37yKp%2BXi0FgSMzCAOJ6DLkAQJN6lgtVxKOH5m%2B%2Blw6SFX2qb8Nup%2FXgoSascpgbYPi%2BVE4VGPXTlziLOXE2fRTDEIpJSl4A08PpFHbTNkiZrmAyh2X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 82f55c1709f33c80-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 wp-emoji-release.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 14 KB
5 KB 111ms
98ms Script
application/javascript 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-emoji-release.min.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"37a6-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBwkUnxtH97e5ifO5MZgn%2B5V5%2BS6GNj25NxVCH4DX3Moyhc4i7HGe5eNWDvgvCrYyh7caq7JGbuthosRZIHSfEGWpw7MkcRk8%2FZxDRLnSteEuRpQYPuGtEYOWXwQH5Y6OxtYbQEs7UI4obf%2B51jewJCoc2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b850b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
projectunderstood.com/wp-content/themes/basic/css/ 59 KB
9 KB 105ms
92ms Stylesheet
text/css 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.min.css
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Oct 2020 15:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ebfa-5b0b22ed60b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XncYjSZiwlJXTxol5WtfpKLtmAgT1CX51%2FEEefy5sJio4802BQh5c2MyQqWJNCgo%2BnfX%2F88%2BTSo4zklm%2B3dX89lQOPucHj52y0Zprcl6JpRy6Q%2B36qiWhYrLmuV7E0%2FGRHpodFML4xq02Yks3Y%2BlRX2xkNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b810b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css.css
projectunderstood.com/wp-content/themes/basic/css/ 10 KB
1 KB 101ms
88ms Stylesheet
text/css 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Oct 2020 15:56:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2942-5b0b22b428400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bwgP%2Bdt9FPw8Qf%2BckVgsHbXGgNqYxZPouIUMzv8BbnvsSLcBP%2FMi9sob0M1zNU5yRyEwcAq1sI%2B2ElVDy%2FeAEbf5lxg6rzau2hBhx6QgiGNmmlyjtb8jZhVuCkyO0GiX31DjDGnqwKrzF2qWJLWysIFqs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b830b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
projectunderstood.com/wp-content/themes/basic/css/ 56 KB
26 KB 304ms
291ms Stylesheet
text/css 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/style.css
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 15:14:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dfd3-5b0611db0de00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJ9xWLT9iEnItR%2BaumPR3K2tXLWiScJf7f%2F16tJ0f%2FiBd%2FNFgmmuq7Gi77QaVzPULh2E%2Fi%2FF8nm7YxfujlNTq%2FUdWvY%2B7iAgaXidPvLHszszz3gL7K9%2BKTOMDKixbnnsVIt6p3b9nmR6nUyOpzEpZLV6SrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b800b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 95 KB
34 KB 113ms
100ms Script
application/javascript 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/jquery.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17a69-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdtbIBK0ge1BskfxR3lClXJOF6fDyOSL5RKONSRVc4IGYmjC62r3Gc1tLzAPoVaRIn4KUakAsS18Cd0pTO1XI4cNL5Kj1UEl8z5ZdokHvhuSD29Y4xfjiabRAuSh1CBjuD1FLbgP0Oib%2FlKARB067jjBa6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b840b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/ 268 KB
57 KB 133ms
32ms Script
application/javascript 2600:9000:225e:3000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c72e519279e29b3811f910204dd1c7755411ff3c6e145f1cec2fd1be22a19a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:50:02 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 04:03:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 13875
etag: W/"e9bae002e3a00af18c6b5798af78d1b0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: -QElU5gbHegf7nrglCgdLoGUFOgZ9Uny-CPeRAzxAuBwD2wT9E6rAA==

GET
H2 200 functions.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
865 B 93ms
92ms Script
application/javascript 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/functions.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"52b-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrU%2BTrKDcwbOd%2FXUTSqYPHLhsMArqML%2Fb1Wv6niE0SDCphMwHHY4i3ignR9A9j00U7ryVXDflNJL8e17EBpQOqlJ89c%2B29ZA5NPt3tlFkXh%2FU%2FCYv9Fak897vOiwIMXaFbFGmakvOUsNmLpkHkgMT8ODY%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b880b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 1 KB
1 KB 85ms
84ms Script
application/javascript 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/wp-embed.min.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"59a-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woylmUG5nQLf048zR5wYayoE%2FygdOWEFib37%2FOGMl3hPW92pJ8RVbLra%2FuH9dj%2FqmYjUv%2BORoMYhyD4lYnFzuhNmGp2vhwPghDuxQD3KbcysCDOOKwE6cHiiOOwdvmZvaXtpO3hPrLGAR%2F1WefpCn%2FrKkZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b890b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
projectunderstood.com/wp-content/themes/basic/js/ 7 KB
3 KB 94ms
94ms Script
application/javascript 2606:4700:3034::ac43:ded3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/js/lazysizes.min.js
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ded3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 18 Feb 2020 22:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a80-59ee0cb0c5800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcKIWXt9CBLau%2B0QX6nmnLqCNCZFoxR%2Fflu%2Fd7bz5gm6XelpHqDa%2BWBeFM0QQ63fO504Tsok5FTMN4MuLuw0jl8BDnPmwuD%2FkJ3yJclDIJ5quoHzCVRufHjpM1w1jXYG7WQmp8cfHdIrOpwByY%2B4Z7r1uMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 82f55c167b8b0b84-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411

43 B
528 B

64ms
64ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Dec 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//tr.projectunderstood.com/;0.8897797924463411
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Thu, 01 Dec 2022 21:00:00 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
projectunderstood.com/wp-content/themes/basic/css/ 29 KB
29 KB 206ms
127ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "72d8-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FayR5%2FVxm9GF37OS3MwwZTYp6piBm2E5BwOSNVStDl0oWsaGyvgIvx%2BVVb39bomaiJa0G5tvD4xxuqp5BMfjeGqIwrJ51cjWAhtVkB7I157GCt8v7bi6U0O6ohLbPVLi0%2B0knrfbn%2B6kX1F1ie3tWy2QaG4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f55c18f9dd3ce0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 29400

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
projectunderstood.com/wp-content/themes/basic/css/ 14 KB
15 KB 242ms
163ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "382c-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4dcRu4utx94FzUwFHSxO6yYX02q119HiAwcdQuc40qr6h0WAXNIv9wwXfcWICAInDSGFgUd31YSO%2FIBcvu62BNUpUFVAEG9f5ZF3Q9rziisqwrHesWetTpUPt7AbwDL2pmCF9cNOs9JnD2QvIk8tGgK6EU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f55c18f9e13ce0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 14380

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
projectunderstood.com/wp-content/themes/basic/css/ 19 KB
19 KB 200ms
126ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba462692b44ec826922965ea262e87e2fa936c82383982380b10b898444cf90f

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4b14-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx9CWtpcGo4OgRdhbria0zjrQqEtlniVn0G%2FyyG5xZJoytYs9cLWAXWGRRcy1j%2FNCKDj5Qc360Lzl0%2FRNfkh%2BoXxcTU%2FBk8n1Q8CIuzBN2t0CQfW1jBcDANCzj8BMW%2BBC78aktxfpBSuJBhZYAr%2BPB%2FYTiA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f55c18f9d73ce0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 19220

GET
H3 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
projectunderstood.com/wp-content/themes/basic/css/ 11 KB
12 KB 162ms
90ms Font
application/octet-stream 2606:4700:3031::6815:3e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projectunderstood.com/wp-content/themes/basic/css/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by: Host: projectunderstood.com
URL: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Request headers

Referer: https://projectunderstood.com/wp-content/themes/basic/css/css.css
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 14:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2c34-5b0609cf1e200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cKhxqObhCvSRwpyxIXQmKsYsZ%2Bdx5Wo4eFT3H5twv5opM4t9B4P8oj44S2lm%2FEWrlUIGCEMVFcSKQId8N6kbew%2BRjNKcKMGhpZlBgvDnndpJ2mUbcGJLDDCJvUqQLDwWNPPij3tTjTurcFdc%2B3qQ9PKa80%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f55c18f9cf3ce0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 11316

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 310ms
157ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

701e831e9e856519e112910b628f6809744d42231df3db400d6f852c96df7c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30209
x-xss-protection: 0
server: cafe
etag: 304 / 19693 / 31079856 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:16 GMT

GET
H2 200 prebid7.17.0.js Show response
get.optad360.io/sf/ 492 KB
155 KB 33ms
33ms Script
application/javascript 2600:9000:225e:3000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.17.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/1dfd585c-f546-4b07-a88b-b1ae5aa10171/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:35:08 GMT
content-encoding: gzip
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1641969
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: E5nngQRekQRsg9hHnUkPaO2q3ehH9YQDl4wcgkKQcw3ISfA0yrxlJg==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 128ms
29ms Image
image/svg+xml 2600:9000:206f:2600:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2600:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 00:50:58 GMT
content-encoding: gzip
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4812619
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: uLACXz5mUMw3kMqLwWymFgTS_n8yEzB1dQiyPUzq8xsWbtvLccZnuQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 112ms
42ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tr.projectunderstood.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:41:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6028
x-jsd-version: 1.0.1892
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230092-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-maGbSK4k2X9erGcOaUhCqMYsf3g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHSoGn7O1IXq7Kn0YORWWNhL%2BnmWuhh9cUtG5Ap2TUFFKBY6sKiEEFQTX7uMR4KojvMVI5LXW8rE%2FZspkFvnpLFozRd0BEQ8NXNVDZI8hwLs2oyf233SzIcRlGzpPflDJvcHFeEfLBoe2PNh%2FUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f55c1a2b1e5019-WAW

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
135 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21908
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:36:08 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 117ms
31ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:48 GMT
content-encoding: gzip
age: 1455149
x-guploader-uploadid: ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 122ms
60ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 17:41:17 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 115ms
48ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: BZR8GMQN8YQPB3MT
age: 1437
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82f55c1db9d6922f-FRA
x-amz-id-2: VLouWDaXXCnscw+X6da06u17BH5/BJ4fKVJ+T6deuxSu7zoisfg1ByetvB5bMmIgpQDV0Gdgq6w=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 124ms
31ms Script
text/javascript 2600:9000:2447:ec00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:ec00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 02 Dec 2023 10:03:28 GMT
Via: 1.1 459ec09472abb8544521a9b5cc6706ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS58-P5
Age: 27470
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: d_MBgPTeM1h-wi-X3S26rgXZ_YbL6yQVwM88ezwFeSWR6RgX1YPkNQ==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 75ms
41ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37729
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-ams21047-AMS
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izQzNL1x59tkPYX6nxdHR%2FOE4dYWkDRAtuyh1qW%2Fpyh51PF4Du2Tz%2FLPaCwL5QtE8ycSUmgHVmuxkihuVqVIx8K6%2FHE9Fg1edjiJMzZCf9mPsJJU8KIgBJXogxYbgPac7JjZo7ENAwDXNCo2%2BN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f55c1d8c193504-WAW

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 108ms
34ms Script
text/javascript 18.239.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-33.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:38:19 GMT
content-encoding: gzip
via: 1.1 02aeb7f16c6c229502db31b43fb88506.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 43464
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JSCGf9D5maPb_tvUjaLEeAtYMjPgLD51W1LChu73VRPwyarSyOYKAg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
43ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5cbe59e2c6d8e8480a2256f03b6e4afc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 192 KB
52 KB 984ms
984ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=857575145445249&correlator=117382564172439&eid=31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_o3b_display_inter_o3b&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1701538876982&lmt=1701538876&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftr.projectunderstood.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1028957372.1701538877&ga_sid=1701538877&ga_hid=1412865121&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtJz73MIxSABSAghkEhkKCnB1YmNpZC5vcmcYtJz73MIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLSc-9zCMUgAUgIIZBIXCghydGJob3VzZRi0nPvcwjFIAFICCGQSGQoKdWlkYXBpLmNvbRi0nPvcwjFIAFICCGQSFAoFb3BlbngYs5z73MIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi0nPvcwjFIAFICCGQ.&dlt=1701538875881&idt=1070&adks=1701249732&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a57ce4f8d9c8aa6783e3ccf19c9b1a0a4a486630a725009084c1223419cabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53585
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tr.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 545ms
545ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=857575145445249&correlator=117382564172439&eid=31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701538876990&lmt=1701538876&adxs=315&adys=237&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftr.projectunderstood.com%2F&vis=1&psz=0x-1&msz=970x-1&fws=128&ohw=0&ga_vid=1028957372.1701538877&ga_sid=1701538877&ga_hid=1412865121&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtJz73MIxSABSAghkEhkKCnB1YmNpZC5vcmcYtJz73MIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLSc-9zCMUgAUgIIZBIXCghydGJob3VzZRi0nPvcwjFIAFICCGQSGQoKdWlkYXBpLmNvbRi0nPvcwjFIAFICCGQSFAoFb3BlbngYs5z73MIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi0nPvcwjFIAFICCGQ.&dlt=1701538875881&idt=1070&adks=1025734935&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e27d69f624b261e7a58aa22495e406ccd13705f25161affd1d875ca7531e2ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10618
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tr.projectunderstood.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
17 KB 1213ms
1212ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=857575145445249&correlator=117382564172439&eid=31079856%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&iu_parts=121764058%3A22563361973%2Cprojectunderstood.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701538876994&lmt=1701538876&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftr.projectunderstood.com%2F&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=1028957372.1701538877&ga_sid=1701538877&ga_hid=1412865121&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtJz73MIxSABSAghkEhkKCnB1YmNpZC5vcmcYtJz73MIxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLSc-9zCMUgAUgIIZBIXCghydGJob3VzZRi0nPvcwjFIAFICCGQSGQoKdWlkYXBpLmNvbRi0nPvcwjFIAFICCGQSFAoFb3BlbngYs5z73MIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi0nPvcwjFIAFICCGQ.&dlt=1701538875881&idt=1070&adks=77665054&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35849b3fb57c3205f49d0df25bafb135d043de21bcfab81124e9d82009da0000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17244
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tr.projectunderstood.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9A9 6 KB
3 KB 277ms
108ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:17 GMT
expires: Sun, 01 Dec 2024 17:41:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 39 KB
14 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl_page_level_ads.js?cb=31079856

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af28e1fa0b7aabfa4a23153610823a18f340847984b430a7aec34e7bc96176b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21846
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 7824500842389344896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:37:11 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 139ms
47ms XHR
application/json 54.170.64.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.64.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-64-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3993aaef1fdc1440f898301200ff8d31490dd08f03fe787513c62d9da5e034df

Request headers

Referer: https://tr.projectunderstood.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://tr.projectunderstood.com
cache-control: no-cache
x-server: 10.45.5.4
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp&cc=1

85 B
194 B

132ms
131ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ee4faf9ebab090bf9695dfdc3bac6c59a2d78a57fcc66745ebb2d06e8b2b9fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-iM2fG7Vqw0DO4y/ETUH3qPz5VB8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tr.projectunderstood.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 02 Dec 2023 17:41:17 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://tr.projectunderstood.com
location: /esp?url=https%3A%2F%2Ftr.projectunderstood.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
240 B 95ms
29ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tr.projectunderstood.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tr.projectunderstood.com
date: Sat, 02 Dec 2023 17:41:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DB2F 15 KB
6 KB 94ms
33ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.projectunderstood.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 249947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame DB2F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=projectunderstood.com&sn=ChromeSyncframe&so=0&topUrl=tr.projectunderstood.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=JjjX_nxrenpnd0FHSG95bTdZTUNnSEZ6UHFhWHV1OEpyU0pyUThuaUNVb2d5NmtyandvTDhFKzh4NzFmcDdpTEdINWVCU2xEd1EyOTVRSDJ5M2VrVnFiZUsza3BMNHhvbVROUXhydC9NWVo5ZFZzbTJDSHZHMkVROXdQbW...

457 B
672 B

32ms
31ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JjjX_nxrenpnd0FHSG95bTdZTUNnSEZ6UHFhWHV1OEpyU0pyUThuaUNVb2d5NmtyandvTDhFKzh4NzFmcDdpTEdINWVCU2xEd1EyOTVRSDJ5M2VrVnFiZUsza3BMNHhvbVROUXhydC9NWVo5ZFZzbTJDSHZHMkVROXdQbWpDSzRocGo4Z2ZkSGw4eGw3YWdRb1l1RGtOek5oU2JWczkzSnNNRmh6MkI3dUkwYnVOQi83Z3ZRaHBYSjVTK3dKSGJyZS9OcGd6Nk5pZWt4WUpDMGtjT1hBL2xRRzRHL0xhMk4rbGl1WnllR3pDaS84SGxuZjVpdlROdVBBNkVWOUtPUGZMMFJzOUlSTExnUHdqZHNXRGRuREFucFEzTjMySzlOQmRtNE5XWlpVMFJ1SlZTRT18&cppv=2

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9dc9c082b165d273cce21481b4bab4db160c5c58093138cf997fd301e161bd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 931005
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=JjjX_nxrenpnd0FHSG95bTdZTUNnSEZ6UHFhWHV1OEpyU0pyUThuaUNVb2d5NmtyandvTDhFKzh4NzFmcDdpTEdINWVCU2xEd1EyOTVRSDJ5M2VrVnFiZUsza3BMNHhvbVROUXhydC9NWVo5ZFZzbTJDSHZHMkVROXdQbWpDSzRocGo4Z2ZkSGw4eGw3YWdRb1l1RGtOek5oU2JWczkzSnNNRmh6MkI3dUkwYnVOQi83Z3ZRaHBYSjVTK3dKSGJyZS9OcGd6Nk5pZWt4WUpDMGtjT1hBL2xRRzRHL0xhMk4rbGl1WnllR3pDaS84SGxuZjVpdlROdVBBNkVWOUtPUGZMMFJzOUlSTExnUHdqZHNXRGRuREFucFEzTjMySzlOQmRtNE5XWlpVMFJ1SlZTRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 290329
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 332ms
123ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

736da40e5af0afa88239975c23564bbf0b9ae596240190ec05e7c82b3953f6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12254
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B938 0
167 B 105ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 02 Dec 2023 17:41:17 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8443 6 KB
3 KB 73ms
73ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:17 GMT
expires: Sun, 01 Dec 2024 17:41:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 80BB 624 B
827 B 265ms
113ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGI6Itv8BMAE&v=APEucNX0o1L2xPDxwyXr2ecSvWpZNlCp9AtwjM44KcIIUTPogMSJL4tMoM1pL4FX2DySk9ZGSfHMXbQL8hzS5D2kp01LMlTTU53rj0z5wBi8dAr7UPxkAFMzFNswyrHwSAvx6QAF96DQ50hCPpHkZf1NNVWbKE-41zXmT80YJ-Saxff2D6UbZk0p_xDBomB0BYGvNNBJjixNoVsy2r8sgy4BG3psfytTwg

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:17 GMT
expires: Sat, 02 Dec 2023 17:41:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8443 89 KB
31 KB 302ms
151ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 42 B
63 B 260ms
110ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSdAR9kCHvxxCRQ4eR2iIcjaRDV-51CCC3UHIm73LEeEyDfBn7znxPMlwwQ6Ca2CLSScZuS9EcrNLcIoSwSYpF7ORATLj3RAaIp6g7q9ISW9PnNiY

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 0
20 B 261ms
111ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17905860717562141444&x=1&ct=76

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8443 3 KB
1 KB 236ms
83ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8443 20 KB
9 KB 226ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8443 202 KB
64 KB 278ms
120ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 241ms
89ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 17:41:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DE8 13 KB
5 KB 73ms
72ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98A1 829 B
1 KB 236ms
83ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96d17e14de35a5fbb25b8f57a78582500d70b8c700026a17a12a920163568bb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tKzAh4uqAKrOYxoiSMLNpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tKzAh4uqAKrOYxoiSMLNpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:18 GMT
expires: Sat, 02 Dec 2023 17:41:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 80BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1

43 B
770 B

98ms
98ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGI6Itv8BMAE&v=APEucNX0o1L2xPDxwyXr2ecSvWpZNlCp9AtwjM44KcIIUTPogMSJL4tMoM1pL4FX2DySk9ZGSfHMXbQL8hzS5D2kp01LMlTTU53rj0z5wBi8dAr7UPxkAFMzFNswyrHwSAvx6QAF96DQ50hCPpHkZf1NNVWbKE-41zXmT80YJ-Saxff2D6UbZk0p_xDBomB0BYGvNNBJjixNoVsy2r8sgy4BG3psfytTwg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jd4EXyB26tc%2Bac59YCaljdj%2FIdaiY7AgTrRSsvO3k71Y0bTwYZ23QUJH7MruR1d1v5WVhvJDX4hzHR6NoYQTV0N8XfNvdZS5mDw85OLDXcKJgsI%2Bbg7b88zbj%2Fk6xNPYBG9YAZZnB4MXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55c244b574541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 80BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWtsPZ3to2PWzmkKGuUQcwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1

43 B
734 B

63ms
63ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGI6Itv8BMAE&v=APEucNX0o1L2xPDxwyXr2ecSvWpZNlCp9AtwjM44KcIIUTPogMSJL4tMoM1pL4FX2DySk9ZGSfHMXbQL8hzS5D2kp01LMlTTU53rj0z5wBi8dAr7UPxkAFMzFNswyrHwSAvx6QAF96DQ50hCPpHkZf1NNVWbKE-41zXmT80YJ-Saxff2D6UbZk0p_xDBomB0BYGvNNBJjixNoVsy2r8sgy4BG3psfytTwg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oja7pJ0B6bW0VZRmOlEkB%2BZ3SpHbNJ5HcSADmpj2yd8NUUMj6e4fPKRG%2Fw1NX1ZXFVV8huHGu1SzNdzCxH386svrubc309T7ON%2ByU%2FQLKgVpKA1fS1l46rXQ43bAxCJGkRN2SurmPIzuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55c248bf64541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAl2Cn5V-3xrzz42UtBM10&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 80BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELd4XTN5do5vnKNbU9cljDU&google_cver=1

43 B
839 B

33ms
33ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELd4XTN5do5vnKNbU9cljDU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGI6Itv8BMAE&v=APEucNX0o1L2xPDxwyXr2ecSvWpZNlCp9AtwjM44KcIIUTPogMSJL4tMoM1pL4FX2DySk9ZGSfHMXbQL8hzS5D2kp01LMlTTU53rj0z5wBi8dAr7UPxkAFMzFNswyrHwSAvx6QAF96DQ50hCPpHkZf1NNVWbKE-41zXmT80YJ-Saxff2D6UbZk0p_xDBomB0BYGvNNBJjixNoVsy2r8sgy4BG3psfytTwg

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
an-x-request-uuid: f2c2d504-a08a-4bcb-9ac4-c6cd98379978
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.225; 193.32.248.225; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELd4XTN5do5vnKNbU9cljDU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 80BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE4ODAwMzEyMTQzMzU5NzMyNw%3D%3D

170 B
243 B

76ms
68ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE4ODAwMzEyMTQzMzU5NzMyNw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
an-x-request-uuid: 8b0de6fc-5e6c-4570-ba30-ec6700b09723
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE4ODAwMzEyMTQzMzU5NzMyNw%3D%3D
x-proxy-origin: 193.32.248.225; 193.32.248.225; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1745145623244&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1745145623244&version=m202309260101&ct=76&x=1&cor=17905860717562140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8443 110 KB
42 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7gqgLQlBDs9XB03OJ4V1FEYqPbsdXDNnmODye9FG95OOOBzMuOuJMUQuUWco-jnp6k_kQ7mP9HOLwCpMBxWzs-yrpmHMrNdvpf_jPW9m0veZuFwv7srg7Pc6PejzdgXS8CAqfiQwZECIadyj7bRYJrWkNBuEk-36vufdlyMU8uVyHLGQ&dbm_d=AKAmf-C6YUVE4RjMic1IAPnGz24EmBLqlW5_VMcQVgS2zAXdh9MXrUypXvtd-5W3kEBXeVtbgJn9dT1X8Kh09ieX8hArxOJ0WA0VPflX79U4aDcCvuJK3nkwyAjG86OzcjD4_mng27mCvzc9RNep-7Qw7MhXtWpmSkRVGzBlrGbCQJ1GQQ9OrfXCSLZyRJ3cmNi3fCdJb9VRxs8MZUpK0yzJVeU_gyRHrjUI41jpE9pNgvEsr0VRGZMxe5MqVRnlQ1C7upo0yCjwG5U7fx7ZbJpz7wHlI24t4rMQzvoMEs54sqZeozcKt44X6_rCvSs0M7nnhvDooeUliNRdGlCpRZ7UFvtmH1Ef0HehPxQGwfI0g8TxegzBlgbRhPaYz27Y5foxq7EFVGYjQWoPeuKxoBjDI07iM4M4WSKNDbmOz2UpHdFsc3t-g9M_b7a4vArJ6ULTvObudHVf_Wfn2LGwQhsg1VIf0XLZG5SnZtEuDNKHrsDc3bzyGj-F8wt666GoupUH7iqZZ0CC0kY0yWEXc2VgkC0ylukA2t3PVcy9cpjZpkWWIuNQSCkm4liGZ8GTckVFGGPudZdBeTTC_gnHu9e4-PdQP6TAuFKTfPvwl-tbze3QxwO0GSiFF4iR-5xiQeXXblnoh2oIM6D8Dbo2NOznGl_HyflZVoANwWQaTxmMg2ZvESv5VXVcMmy_9kc7RLX2IoqwhvKC5junI4TyeN_qbnMnYQGgmyKnLK1s_3MaJjFnAuHu4LHqBoVwjZG22Arf7T2l4sQRtFggDFPvl2HI9ne66RFPOHVX5bfBTaSJTCpeuvryhJUT1aXQ9-TCHhThxhDQzWcy5UrPEvXfo-I4z1EDJbebM8z4sgRXsR5pXp8GGS0zcoGLtiYJQzHJV60Z96IpKpYR3fykc67_Bp2X-Qrv83RZz24fYjFbNQJhscEkhp296PtoRfPl2Ni1H-0aDJzFm-4wTTXRxFZPcQpId_kKnr5QyfIPDbEuDv2O0l6OUZSVuhgG79t7RRYadiQ-YfVAnexgF8XgXsl1MbJzTEDl1uo9nnMX5cwf9NIVSv5cmKh1uEUzhON_RvrUmXzipl7Obtm8tD8bCV7jQMk_wNWaccblxn3MDvo8FQujC7yUrEXFsTj0G1tVF10jYg3H1jj4O0p5I_q92q_1C69c-GvuPdIqM98VTJxQqsaZACCzgVW7PtHsK4TMOi2yUZIlzz_EhZZsN4I3bnp9sSrj_StPw8XQcAwm6tY9n4YhIS_deHXiuS1gf1kkwOj67tqpHUcdZxqrdpvDVWkx7AeUkK6ylyVI02LokmKBxTC9p8Y2Gu6-tNe9MXhwLdY1CV-kg2zJCgqQeGth7p-3bEng126qO0RxzhxdIHkIF1w6RIm14rQxr66NjDLSP0KQHMnwSj6BHNcXZwbR1YhgpvTXzlcwNCKpwWyBNkI9rxZkR95LgvURibO3c-d9sbu-G2nKwCHaxGUsYBKZxbqAwY0xberTQ5OPs-69d1nNl970dYTps26Le2bzHmp2gIT68Cfj7w13Df7RMpc29jO0A9bSfUpIb-nGmDE7rFX2VhHGqGuh_uFCbZ_p5G14WqyTiw8HcYtMsURx2OrWYkuGvHNzdGX4_s_f6NUyUs0tYb59zNtwbtEO3l1xyTtfjwivagcCeU0sSXI5H2__-ow5p8yPAyuEQNc7h2rmbMusXRWcOaMuQ85liuTiceXaQ_6_Kj7KzmUREZlaML1xtqr6q-n4N9BLSPvpQJI7W2Q9y8H_9qwIKXdlKcTKYt2HLX19BLVBEPr0oWXRDqEpyZLw4B2-fv4yWkIZNi-cEoglHafTOE9r_7wbuzYr7YY1Ld2I419ht1-eMYUr0UFPb5MSq9NfWF7YKbLMyYh3DtfBy6hbyb_TL3s0WeObbcL_slYX-TihDXt48GoIUcw65dukJzAS2v_UENmiIRk_0jt9gS6qNrxncSFECKfrRzVQgDhRTruWKLYGPrsuKgMlrlUfQbbfDCTE7sU1kJe2BGI87L3XVWdNCo8fpfCvbtCJdjiHqsFnS0UTMbT3JaAxrnIV320-yuDi2Pa0EIw8reb1PyExCtxA0vC19L1FTlvMoARLYy4vYjjI8XOi1_yKpfnZwfe2Y1bEZnbPHECFb4G8Kxq8f26aV9dmJn7JIcXWdKsDlOvi4KZmoRFUwToz8Sb0KocnBm9PSuUMXFrWuCZdXuvplz6Ph0uCpegMAWWyqObciqxzhlTjbB_m4NF4mMhfMrT-_7_S2WdQ09yH26gojTx3BesP2I9_UvN1rRF2MZs1ACztLNA9rLazdghHi4q1BulOvnL3eNhWzqtdJFKVHa3QRL8_2G37XJh20UMnIfWwCHu5HiRK1cpHX4zpgtDX7tPx8KmvTjoOjXFotub3EzrYHonIzBOEOT6NLxpJpmFlg5XmWaiq7c3nb81n2HvSl6dOxD7dcbRJJvyk4mELtBbV6ExNxRZJvMcIwxaBCYeX2-YdGWgjsVlrQ1QOlrqwchQWejy11GlLU_JPAAeJM_y3-oatWJiusN6IuVty6lNxhs4r493D_yWpEG_Mb98mzSqQnv9BGXHZGUEubrrnZvGTofz2E-nQV0Oe6gwRyrT3AxkRrR73fRIfoipRLjHHMqFq-ztr-6lCaepVmD9K_XQZ6RGHveNJwtgBc1IcJlhTx89-K1Gm2l_3O9sNPBSw0v_Q7iS5I5jVIj2iYwH2I0B-RmI6CCpDoN32BCmXesWl-rgLmkWoDcMKzLbEzeLWpCmLOHsHUciCeReGNoERI-fYL_0cNp7P_o0Gi5AQlskxEIKobsV1o2kJ2nauN5VMVykqBeA9wnvGdbeSeftlDTocsqLaqKmU4AybUfF9pj6RFSIes2EFQ5fGRAV_I7V8CJJnzcfvMiN1ZVP3JbXQ5nuS-8Szk1s4INxPmL7isSaAkuf2P83Zw0kaF-on49POnlOKMHLwk4vqqE9OClEKy4QhJfwevc2Xr82pAY-G3quN350qW7tZCSkkN7zjN6cqWxTLAZGl8gSMfFSWvHoxqzJYyUQvjVu0vKcp3Mzuczli8XKIcSkgOcYFVP6BcIuilX70rhYxYm0RbWblvReFzuqS0PUJHA3_N6qH-geoDob4TTPPCOzaU1IbdvSaxcdqwSgxXlgxumeKl8zdjZFRD-Pwl9PqGLQePyY-0_JOrcW6OVfl-U8EiaAeUL_6GeQ7EcOtB2WR4BaVJYzaA--SQGoumpdfuY5F81ZI8hQUYVodMxHgGzQzbV-4M_bCJP1Hef27DBc8kiHyFBW97yiYzntWMfWrYZIThhoMbj3Dj6qcPQeZKtrs8D13Wx1eojl5Nvfsl9lXPeQyjDs7WWVDoLApkfowF6GWbP_JQoUkoMVdwqJ2rDnAcgUqq9eEoCecJZ0fLLX1GAAeoOh95u2x4YLa6ZXTJaSnNAyIdpsgXGzVEmAL55FHHZIrG1bEKGGMsxM72abnFvdYFU93vb3qZ9xxDQU3TPanxH-tirTi7jIpH6RU1cpuYKsSw9WEOKF52uAZjjpuQZfilpm4utsEjOYM7JihSa8r4k0Y08eu_hj7xok_ScBSu0UXXZOkCIVOemK0Uf1yM490jftHjs9KzInutN4GA4Nld-cfXoJTI9wKznEBi_T45g4cEhkaIY4PK8Vs5B_uvIy5NCF5jgB6hI5Fb5beFIdEGbHTg9lo3GEYl3VBLQIbO5K7ZSQmumRc8vWLy9OFrBwpvV-7h8ESI9dVzLVclnXKnFUzxOw_xSMC3MZHRr87vFFGgXaEYTBy7aXZWYhiZH4XZ5seofEullmD9iD4CwiyepMW7PFd3doLv6MTKvT0ZGwT3Njtvx1PNZcD_6_JlFNF4t1lPdV0n6mea4jhhZtFqK6u4myzDT2Sl826d_GbkYaX1XRpot2xRCuEPljft2X5dJFshxHk91gnlywU-WAuyK6f38-IPVqOYm6zXqwYshsOBwxytvzgude-xBJWDOpIvErx8JojkZnKqYxZX2-zSL4Vx5vKiN63EZnTrW2-035tQU13HKMBQqRHNevN8-Jili3spjVM201KtiilJyfVjmy_TNMZv3lAITVt_tSS5r1mDQgE7PvZ581BXzpPlz9zpqPJrfieSWhL0eLaJCUP0EU5hjdd1tuiE2P0GPDOeUGm3jPfe4JHwiCs1yW2Bbje6TCrfHs_OEAwiL-ZVMdvw_DHjYUzEm7HFJctNDELb-knM-23GnmUM7zli8ZjLdXMHTotwk091lZ0sQYVPMmdluk&cid=CAQSTgDICaaND5f-MuL5EJbmRfF9-3Pu69VViNCbtGzRtUYObBk_97gUkQA5PKb7ZIq2YikgKT-dAaCq82ZwXIQYMJpxHpSENf5D-LcQeUvrRBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftr.projectunderstood.com%2F&ds=l&xdt=1&iif=1&cor=17905860717562140000&adk=250412560&idt=355&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2b59089300d371d58015a7e2fcc2cd71251a6f8df7dcc6b2039d9c7a93c7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42832
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DE8 39 KB
15 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H3 200 container.html Show response
dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5423 6 KB
3 KB 73ms
73ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tr.projectunderstood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:17 GMT
expires: Sun, 01 Dec 2024 17:41:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98A1 0
0 109ms
109ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=857575145445249&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 5423 4 KB
744 B 242ms
89ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 16:29:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 17:41:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3DEB 14 KB
1 KB 233ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:22:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 17:41:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3DEB 2 KB
822 B 75ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3DEB 24 KB
9 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F63 143 B
228 B 74ms
74ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3DEB 3 KB
1 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3DEB 20 KB
8 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DEB 202 KB
64 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:41:18 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3DEB 37 KB
16 KB 235ms
75ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5423 22 KB
9 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:46:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5423 205 B
521 B 252ms
94ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options: nosniff
age: 259954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 17:28:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5423 604 B
695 B 253ms
95ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:04:20 GMT
x-content-type-options: nosniff
age: 110218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 11:04:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3DE8 0
10 B 100ms
100ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZsII7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 5975 196 KB
56 KB 227ms
73ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 261041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5975 15 KB
5 KB 399ms
244ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Nov 2023 21:48:00 GMT
age: 157998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5975 95 KB
29 KB 361ms
207ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 01:47:30 GMT
age: 57228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5975 5 KB
2 KB 403ms
249ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 22:04:26 GMT
age: 70612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 30 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5975 40 KB
13 KB 405ms
252ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 261041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5975 4 KB
1 KB 156ms
84ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:15:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 17:41:18 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5975 3 KB
3 KB 76ms
76ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:30:15 GMT
x-content-type-options: nosniff
server: cafe
age: 65463
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:30:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5975 344 B
368 B 75ms
75ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:58:41 GMT
x-content-type-options: nosniff
server: cafe
age: 56557
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:58:41 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/13403596245567100500/ Frame 5975 25 KB
25 KB 79ms
79ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13403596245567100500/6592766407814317453

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b1762b8a6a1845e8915181a994255ef2259eec624e034a8dcd6adb8816603a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:30:02 GMT
x-content-type-options: nosniff
age: 4276
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25310
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 15:02:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 16:30:02 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1509591724079332205/ Frame 5975 986 B
1013 B 107ms
107ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1509591724079332205/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

558073f842416b7972ae28b7fd616036d5c24f917c599de7673ca8efbffb9183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:10 GMT
x-content-type-options: nosniff
age: 194348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 986
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:50:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 11:42:10 GMT

GET
DATA 200
OK truncated
/ Frame 5975 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953931d9ee3cb8318ba361a299c4646860d87be959540d9918947df8a272dfc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1854208/76774455/ Frame 8443 46 KB
12 KB 153ms
49ms Script
application/javascript 54.76.149.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1854208/76774455/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014933263&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=20808097378&bidurl=https://tr.projectunderstood.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iMfQsf5mCqjt-nSsbfJ1VY
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.149.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-149-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f4887cda91a3ccd88b86a3ab02dd1dbefa8afc03b08280c4b8ad770f7a8051a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8443 111 KB
39 KB 233ms
75ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
Origin: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 8443 11 KB
4 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7gqgLQlBDs9XB03OJ4V1FEYqPbsdXDNnmODye9FG95OOOBzMuOuJMUQuUWco-jnp6k_kQ7mP9HOLwCpMBxWzs-yrpmHMrNdvpf_jPW9m0veZuFwv7srg7Pc6PejzdgXS8CAqfiQwZECIadyj7bRYJrWkNBuEk-36vufdlyMU8uVyHLGQ&dbm_d=AKAmf-C6YUVE4RjMic1IAPnGz24EmBLqlW5_VMcQVgS2zAXdh9MXrUypXvtd-5W3kEBXeVtbgJn9dT1X8Kh09ieX8hArxOJ0WA0VPflX79U4aDcCvuJK3nkwyAjG86OzcjD4_mng27mCvzc9RNep-7Qw7MhXtWpmSkRVGzBlrGbCQJ1GQQ9OrfXCSLZyRJ3cmNi3fCdJb9VRxs8MZUpK0yzJVeU_gyRHrjUI41jpE9pNgvEsr0VRGZMxe5MqVRnlQ1C7upo0yCjwG5U7fx7ZbJpz7wHlI24t4rMQzvoMEs54sqZeozcKt44X6_rCvSs0M7nnhvDooeUliNRdGlCpRZ7UFvtmH1Ef0HehPxQGwfI0g8TxegzBlgbRhPaYz27Y5foxq7EFVGYjQWoPeuKxoBjDI07iM4M4WSKNDbmOz2UpHdFsc3t-g9M_b7a4vArJ6ULTvObudHVf_Wfn2LGwQhsg1VIf0XLZG5SnZtEuDNKHrsDc3bzyGj-F8wt666GoupUH7iqZZ0CC0kY0yWEXc2VgkC0ylukA2t3PVcy9cpjZpkWWIuNQSCkm4liGZ8GTckVFGGPudZdBeTTC_gnHu9e4-PdQP6TAuFKTfPvwl-tbze3QxwO0GSiFF4iR-5xiQeXXblnoh2oIM6D8Dbo2NOznGl_HyflZVoANwWQaTxmMg2ZvESv5VXVcMmy_9kc7RLX2IoqwhvKC5junI4TyeN_qbnMnYQGgmyKnLK1s_3MaJjFnAuHu4LHqBoVwjZG22Arf7T2l4sQRtFggDFPvl2HI9ne66RFPOHVX5bfBTaSJTCpeuvryhJUT1aXQ9-TCHhThxhDQzWcy5UrPEvXfo-I4z1EDJbebM8z4sgRXsR5pXp8GGS0zcoGLtiYJQzHJV60Z96IpKpYR3fykc67_Bp2X-Qrv83RZz24fYjFbNQJhscEkhp296PtoRfPl2Ni1H-0aDJzFm-4wTTXRxFZPcQpId_kKnr5QyfIPDbEuDv2O0l6OUZSVuhgG79t7RRYadiQ-YfVAnexgF8XgXsl1MbJzTEDl1uo9nnMX5cwf9NIVSv5cmKh1uEUzhON_RvrUmXzipl7Obtm8tD8bCV7jQMk_wNWaccblxn3MDvo8FQujC7yUrEXFsTj0G1tVF10jYg3H1jj4O0p5I_q92q_1C69c-GvuPdIqM98VTJxQqsaZACCzgVW7PtHsK4TMOi2yUZIlzz_EhZZsN4I3bnp9sSrj_StPw8XQcAwm6tY9n4YhIS_deHXiuS1gf1kkwOj67tqpHUcdZxqrdpvDVWkx7AeUkK6ylyVI02LokmKBxTC9p8Y2Gu6-tNe9MXhwLdY1CV-kg2zJCgqQeGth7p-3bEng126qO0RxzhxdIHkIF1w6RIm14rQxr66NjDLSP0KQHMnwSj6BHNcXZwbR1YhgpvTXzlcwNCKpwWyBNkI9rxZkR95LgvURibO3c-d9sbu-G2nKwCHaxGUsYBKZxbqAwY0xberTQ5OPs-69d1nNl970dYTps26Le2bzHmp2gIT68Cfj7w13Df7RMpc29jO0A9bSfUpIb-nGmDE7rFX2VhHGqGuh_uFCbZ_p5G14WqyTiw8HcYtMsURx2OrWYkuGvHNzdGX4_s_f6NUyUs0tYb59zNtwbtEO3l1xyTtfjwivagcCeU0sSXI5H2__-ow5p8yPAyuEQNc7h2rmbMusXRWcOaMuQ85liuTiceXaQ_6_Kj7KzmUREZlaML1xtqr6q-n4N9BLSPvpQJI7W2Q9y8H_9qwIKXdlKcTKYt2HLX19BLVBEPr0oWXRDqEpyZLw4B2-fv4yWkIZNi-cEoglHafTOE9r_7wbuzYr7YY1Ld2I419ht1-eMYUr0UFPb5MSq9NfWF7YKbLMyYh3DtfBy6hbyb_TL3s0WeObbcL_slYX-TihDXt48GoIUcw65dukJzAS2v_UENmiIRk_0jt9gS6qNrxncSFECKfrRzVQgDhRTruWKLYGPrsuKgMlrlUfQbbfDCTE7sU1kJe2BGI87L3XVWdNCo8fpfCvbtCJdjiHqsFnS0UTMbT3JaAxrnIV320-yuDi2Pa0EIw8reb1PyExCtxA0vC19L1FTlvMoARLYy4vYjjI8XOi1_yKpfnZwfe2Y1bEZnbPHECFb4G8Kxq8f26aV9dmJn7JIcXWdKsDlOvi4KZmoRFUwToz8Sb0KocnBm9PSuUMXFrWuCZdXuvplz6Ph0uCpegMAWWyqObciqxzhlTjbB_m4NF4mMhfMrT-_7_S2WdQ09yH26gojTx3BesP2I9_UvN1rRF2MZs1ACztLNA9rLazdghHi4q1BulOvnL3eNhWzqtdJFKVHa3QRL8_2G37XJh20UMnIfWwCHu5HiRK1cpHX4zpgtDX7tPx8KmvTjoOjXFotub3EzrYHonIzBOEOT6NLxpJpmFlg5XmWaiq7c3nb81n2HvSl6dOxD7dcbRJJvyk4mELtBbV6ExNxRZJvMcIwxaBCYeX2-YdGWgjsVlrQ1QOlrqwchQWejy11GlLU_JPAAeJM_y3-oatWJiusN6IuVty6lNxhs4r493D_yWpEG_Mb98mzSqQnv9BGXHZGUEubrrnZvGTofz2E-nQV0Oe6gwRyrT3AxkRrR73fRIfoipRLjHHMqFq-ztr-6lCaepVmD9K_XQZ6RGHveNJwtgBc1IcJlhTx89-K1Gm2l_3O9sNPBSw0v_Q7iS5I5jVIj2iYwH2I0B-RmI6CCpDoN32BCmXesWl-rgLmkWoDcMKzLbEzeLWpCmLOHsHUciCeReGNoERI-fYL_0cNp7P_o0Gi5AQlskxEIKobsV1o2kJ2nauN5VMVykqBeA9wnvGdbeSeftlDTocsqLaqKmU4AybUfF9pj6RFSIes2EFQ5fGRAV_I7V8CJJnzcfvMiN1ZVP3JbXQ5nuS-8Szk1s4INxPmL7isSaAkuf2P83Zw0kaF-on49POnlOKMHLwk4vqqE9OClEKy4QhJfwevc2Xr82pAY-G3quN350qW7tZCSkkN7zjN6cqWxTLAZGl8gSMfFSWvHoxqzJYyUQvjVu0vKcp3Mzuczli8XKIcSkgOcYFVP6BcIuilX70rhYxYm0RbWblvReFzuqS0PUJHA3_N6qH-geoDob4TTPPCOzaU1IbdvSaxcdqwSgxXlgxumeKl8zdjZFRD-Pwl9PqGLQePyY-0_JOrcW6OVfl-U8EiaAeUL_6GeQ7EcOtB2WR4BaVJYzaA--SQGoumpdfuY5F81ZI8hQUYVodMxHgGzQzbV-4M_bCJP1Hef27DBc8kiHyFBW97yiYzntWMfWrYZIThhoMbj3Dj6qcPQeZKtrs8D13Wx1eojl5Nvfsl9lXPeQyjDs7WWVDoLApkfowF6GWbP_JQoUkoMVdwqJ2rDnAcgUqq9eEoCecJZ0fLLX1GAAeoOh95u2x4YLa6ZXTJaSnNAyIdpsgXGzVEmAL55FHHZIrG1bEKGGMsxM72abnFvdYFU93vb3qZ9xxDQU3TPanxH-tirTi7jIpH6RU1cpuYKsSw9WEOKF52uAZjjpuQZfilpm4utsEjOYM7JihSa8r4k0Y08eu_hj7xok_ScBSu0UXXZOkCIVOemK0Uf1yM490jftHjs9KzInutN4GA4Nld-cfXoJTI9wKznEBi_T45g4cEhkaIY4PK8Vs5B_uvIy5NCF5jgB6hI5Fb5beFIdEGbHTg9lo3GEYl3VBLQIbO5K7ZSQmumRc8vWLy9OFrBwpvV-7h8ESI9dVzLVclnXKnFUzxOw_xSMC3MZHRr87vFFGgXaEYTBy7aXZWYhiZH4XZ5seofEullmD9iD4CwiyepMW7PFd3doLv6MTKvT0ZGwT3Njtvx1PNZcD_6_JlFNF4t1lPdV0n6mea4jhhZtFqK6u4myzDT2Sl826d_GbkYaX1XRpot2xRCuEPljft2X5dJFshxHk91gnlywU-WAuyK6f38-IPVqOYm6zXqwYshsOBwxytvzgude-xBJWDOpIvErx8JojkZnKqYxZX2-zSL4Vx5vKiN63EZnTrW2-035tQU13HKMBQqRHNevN8-Jili3spjVM201KtiilJyfVjmy_TNMZv3lAITVt_tSS5r1mDQgE7PvZ581BXzpPlz9zpqPJrfieSWhL0eLaJCUP0EU5hjdd1tuiE2P0GPDOeUGm3jPfe4JHwiCs1yW2Bbje6TCrfHs_OEAwiL-ZVMdvw_DHjYUzEm7HFJctNDELb-knM-23GnmUM7zli8ZjLdXMHTotwk091lZ0sQYVPMmdluk&cid=CAQSTgDICaaND5f-MuL5EJbmRfF9-3Pu69VViNCbtGzRtUYObBk_97gUkQA5PKb7ZIq2YikgKT-dAaCq82ZwXIQYMJpxHpSENf5D-LcQeUvrRBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftr.projectunderstood.com%2F&ds=l&xdt=1&iif=1&cor=17905860717562140000&adk=250412560&idt=355&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 8443 31 KB
12 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8443 41 KB
14 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 8443 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c600955bda18251f148c00a5f5e5277e6348c48310b95fda5a46d714cd81886

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F63
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

83ms
82ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:18 GMT
expires: Sat, 02 Dec 2023 17:41:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:41:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7448 38 KB
13 KB 75ms
75ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 570158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5975 15 KB
16 KB 274ms
72ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 90117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5975 15 KB
15 KB 292ms
90ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tr.projectunderstood.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 14649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame 8443 213 KB
66 KB 202ms
49ms Script
application/javascript 2600:9000:2304:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1854208/76774455/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014933263&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=20808097378&bidurl=https://tr.projectunderstood.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iMfQsf5mCqjt-nSsbfJ1VY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 893765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iz96CQJnJvqcnL5cpA7QSzD5EWxGDmWXwhVYD-ob1L0w4-HotD-YSw==

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7448 39 KB
15 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame BFEF 50 KB
19 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 115 KB
22 KB 234ms
77ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8246163d437186835f2f43c99a5285b1dcda302dae29bca1c038028bcc25f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22524
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 21:50:57 GMT
expires: Thu, 28 Nov 2024 21:50:57 GMT
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8443 0
0 238ms
105ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwj4_47O-1gWBS_WHTC4KJLVH1BQtlrtvzSvBIkuR2jFqOEEb3yAX4AXm9w-X11pPiB55U-rkvedRmLC8F9WpYgC2Y9Hp6RWg9guFVNw174vfqclqLni1AaxgZB2LHPenBINj1L3kDkbC7KE7QcvS1SZZ4NQb9dV-ERnxGmNc3dX0Y0IP3v4zTDabQLfup3sS4LVTgQoNelXMQZx8hx-ulvi1rI-x47ATECBlNJzP7p4KwSv059x1GRvroXdEb4xCzHqcC9hiPFshgO-T4nBlVVB8V-0m4msFVzS5NPstQWwvw-hPXoh9-NnNzJSGT-2QV4po3awauLcDIGGxtHkNG_6GJNIXZzs-vPdgjeuNPsLdVsyLfz38FGAsjjZrJFrC4yMHPCv_jot0LLeC51CvWoVKemPRXBy8pwlwI_2yo66gjPKPAI79CfNiRlth_Sf8A6jNZZwhkMc3TaP63Ve3-Nf_3l1KG2NQx9n-TbbWikraugSZS2p7Ul26NKxsskIv4xBFAt1agTgqHWJmYc9hlRmdNsFbpOsfbxGWfOh8jhNkQOK9He5bZzyXvsvcglSV5fmy4ZP7rBOhy0AdpPm-bn6Ox-DD8KSryalG0eFsbUJghxqsdC2u4WuPpvB2HvRzRMqHBbxQt93u3MvRysrzwcBnG0w-GJ2U7WHQoiY8X0vDx1qrvwhWhvFVtRKejWUKL29mMGnTIZ98_ukWG3in6RI5ql-n0nJTMoYRausSpyM1fa2uj0lJc8DmJ-ND3-IUxQ7IiU4En0lbD2n-y-03HL88YwS20abPfciQ3RY6T3SRKZnYrWLNU-Le_bMLLp2ujVZLEjy_ZaINSSuiiee65N5--v8uRSFMJg54jcI4XHB8QuP3S-0YPubRYMaHqU_Je8gYnSmZ_5mheY1GBLbucWGGNlh6B-qZ2tASnZTPVyM9EN31mmisXPhCz0-Mkm0gspZ75VQrV_wMYprqxkFrKpZ0W7RwR1javdUWET1yuoSX5LI6wT57bSzkRPI94Ok7x9y3hKSY5Q1pEC5NyrZ1f8_7Z_zMNnpUoi4K1ual5pvxh6Omb2ftNjoGFELcWWZ1oThrcSJVcUDicWS33omtVW4GJF-IS_UCDhgeSNno4Vszv_irZw4lCdqmqeBs-Un52_RTSCh4n5-61jQqu7u9ef5EsWRdC9i3F7YUjBzg7dnAfM1F8Plj80DnEozGnBNvC72OeARbpJjWecEIU1M5KgaYAd6cDV8sC5r5n0hT-jedgr95VTS6M58Nr3hYk78k4cimnGbNTwdyahNyHC6yWevtRe-f0wlZExKqzOvqlFwSVATxkOQbE5c-opmv_YfjOMbTzAxqZHmtraXy1PZrGpSJuOtqvqg3lmptTlRtOWLR_y11uMkbKT_wf7_jO-u7p1ooCzEk__V4Q-YFVGAXlXiRAEnSvcAIt20yM-ncUYZnCfRD8whEQa39yoeuLy58QGaQidUBqPxTB-4Y9qa4W3k6pFmFOeXNww-7s78l12SA0_MRul63hgvYJr6ZDvA&sai=AMfl-YRlEoVNj0UGhOJgX7rjcqhEpqTZ7_WZRK_c7FawFCegddYV0eQxJWq10l53DJtNU8MFvMIQhjpCsm8qfA9pwkmVKqVo0Ntl1HhyB0-1DRSKEFdO9IqBgsvnQAuugitIJO3lcVMel0hw3c1l6AXbLy905Bfz8EkJ-GBTgU3rgSrRAOJFHAZO3kwUkiU9FHTe5KdY9YrzN2UgsU3RkrY79NIW5daQ4LQpU2Lh7HlD2c56OEdih0AAJy_Cdd22GqVDRHTPZVr8c9-e3dlrvD6kiLvfeywQVQ4R1AP5X1itE_kOd7HGtiS0UReCXXcpSZQ&sig=Cg0ArKJSzBa9yTWP8UDWEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=373&cbvp=1&cstd=372&cisv=r20231129.85456&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 17:41:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame 8443 62 B
572 B 266ms
179ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D30972058&phint=crid%3D206015541&phint=pid%3D382004351
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 02 Dec 2023 17:41:18 GMT
content-length: 62
bk-server: 41e
content-type: image/gif

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame 5975 0
162 B 221ms
48ms Image
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=28754477&cmp=3152924&sid=1619877&plc=69746816&adsrv=178&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&cbvp=2
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:41:18 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/01/2023 17:41:18

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5975 0
0 120ms
119ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq5dUPWxrZf6NNqGU7_UPh6a8wAWh_L6vdPbawoOJEtnZHhABIKqAwyJglfrwgYwHoAHvieLdA8gBCakChxZyOYpCsj7gAgCoAwHIAwqqBJkCT9Dhcd3jmV9dDtzBoQAmhJAtqnmUgeLef8SZCtqrcQMkEsIgKyTLqbUqv1XZFuE8aPBV4EQpXBsrQnBAcb3XWgw2BFUOOpgsmIYk_0fIFm7kSwNCSt5Dig8f01eZDLAZeINaii0E9KXWXN4_9CJH5AOOGWzhPMCRwGl_y_7y1LKmS1EJQ6gQNmSqlie2zcNoINMRy-P7lgOkDLVEiYCicTYtXIzc2lUFsBBzqPsBjKOubkSy6Uz0GL7LnL6QHleHTS1viT7i34EqKYlFqTf0YjHfKVW6HeMqagMidT_dyjbYUu-TSs3F3ejlJiFibSCrGm-f3irxHx0KdTVxhgDYH_x29LUoEtlfnUvXrc77mfqGxYpVg_mCLorABLaFn5PNBOAEAYgF38-f50ygBi6AB6CbqHWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCe4TTSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WP7g2aKm8YID8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2mgleaHR0cHM6Ly93d3cudGVsZWtvbS5kZS9zdGFydC9tYWdlbnRhLXRhcmlmZS15b3VuZz93dF9tYz1kYXJfbWZtbXlveHhfMzE1MjkyNDoxMTE1Njg2NDo2MTQ1NzQyM4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwjHntqipvGCAxUhyrsIHQcTD1i4E-QD2BMD0BUBmBYBgBcBshceChwIABIUcHViLTIzODIwMTI1MjI5NzkxMDgYku8h&sigh=h42Edj3XFyQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaN9XLMghsuAYpwzsvhJOhMeKCzHtNJfRcVrtDRuTgZDU95kMyCdO42dwtO2OiAAX9Mk51cFzxKFCh6GSBggCRodRDJKHElVXGKohgB&template_id=484&cbvp=2
Requested by: Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7448 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVdOLPmxrZb6YBJbnx_APnOKOqAsAAAAAOAHgBAI&bg=!FxSlFFvNAAY3kmNgF5I7ADQBe5WfOHoTAH6oWFm1WhNutimLdOfqgltCAsgmbRo0LnXKU76wG4Prf7k2RRoQxgMIt2mEAgAAAH1SAAAAAmgBB5kDDuOWPR0Q2E-qUwprjYvSDaBe_GKVPdNcveH_ETFgeGRnh2iON-77Fu113pJW2nsFGQbhOxl2qPDZ3LXB0XSHGWNRlI2VyJ-mvTb0kUsaTekxMP7qc-wzHfgv9D-842gZtJu4xx0x7KcHrM9KTk2vnjqnk03V9vkIY1HhZs1egesp4ZeuxOAQgG_3GcgIdcQ0vxXEJPQayftd75MMwTd8njB_1E7yhzfafOtTeK5gwbWAWAGQIv1qKmao6_c0KYKkm3UXNTi_gzS-9_w5iFJ2gSJrXb8FKuquMrOsXAv0UXB58wZeE7y22zq2MZgEu_Q0zkCQMd624-lYj3QBGYFbvnQDUm0Xy6Yl0Nu04APT-wRuRKabbNHDwwXq15xS_Xp8B-N-3VT_1dwPP8JQVIMrRnfE67kEzWzRuOClmK_Bcm6xHb0w7_2yhRd0l5ikrQnYiprzbyg5DM6bTS9AZ35PJn-SWe6RZ9LpQXpYMyl2G8550mcwSWQli8EKL51pSsyWi-N2P0-op8Bau7WBO8Qd7Llr62zY_R6VF2y57QZWgMoIfV4ihXUtHN5ZqMHHQh63q6_D38wQw8xMQkFKnJyJq8jv4qkYREnOImTWdIymeeb0oXh6ZjBnnRlSKDqJxNPk8BX5fpH3cwHWQceycfnc9GtG-IDUWyHC4KT2IMqDSIP0jKtSXuSUG1dNDRHBXRgH0g1MwQSqH4ubuLvBvmf7yewaEkhzp3PoOUB9RNI2Idv6C2-grNYbLV52VNLJO7_18ZfGJvZM-La0NxjEVVjYijZaTjVJ5J0L0pCIOe9f7kTxtUWwPyAPvOaKFesMesJDIkRm-cnrVn4chye-WOxAj9LOsQKdZCyrReKPOWbjpVNP1uMBiUTsjoS2wQWYc-nbIBeaaYB3oCcA8eKIQeN0rLzRB5vQ5IXQReJRxj7yUA574YoNwotIy6Q1D6X1MrHhxMoImXWqpcHUCfdCO-V1PI-pINEhvJGEsqhAjyiOtBAhyyuS3cAp4XES53Bd6j1HB0hfS98HX1zCH7jbdwLm

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
113ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=857575145445249&bg=!cHOlczzNAAY3kmNgF5I7ADQBe5WfOG7QC9aHqBwLJa0AJNhkErcBktKYdgRD4xIKtwysXPE76vUSrudHjXWnNxYzAuFaAgAAAEJSAAAAAmgBBwoAXsKlzcxDJ0K_2dsDsR5PbbcnEnMFbmtpUy7LRivcMgg79sNm2Osg8s91Y3l6peXG4PCidQ8SOLo4paFbEhlgsc_aqcL76l8dq2Xw3q7xQfyZh_ia2gsEE2fzD1pU8TCZAsBSpTH18pcTSbrSn57amEQwwyWVeWvEk5sEZhzWCB7_EZoMN6mjmkWU3F_4Rs9Op1ePFXuO5NyphZL5UTFJHe2topIXpDrW_7tNYcVmplHVW9t82iDbQzhxCg1jMgCHOuMm-bdfPNXvw8t_BSkwlr8Vei0sSlo60EjhqvrfdNlwInXceWH-q7Fqth4s1N0INq13H1N20oE__B1X9Zs0QCoXMzgJMYM27PIbhTPnlRAzkz9tjUxo7an_3oVdmVqsff52L7XdykyhxenEBV180TgriQCo-7uoOIkhNVTWl3Hkneq84fxJMrTnFGwrBKPyxmbzgNMpMVBYBqvUdgAkSZIRKhaPxyvw6Hy3pSYxOmwNZhxAKaE-7t9NI5eC420Q8TgW3HJkZCFJ-wtpuLjU_o4oLfU13toQKq_miq4V6U0O403T4N7o7IhwqYkCjCmGwolIj0P8HtJSNLr-nXEcABBtMfMjGJjfCEiYWhm2ybSIuXqzYWrUjiDgSnIHIO5fLNj9XwM732sQ6a4Dd_O878gYuDRfLs4ESqbJ2TVDp8POS6CJKSRCDON5eGjvAX324EW4PqrK11eILK2Vz4_sBN1fnAlgNHZAHlyatBhLPvz9yp5s5lVJ9KPbwaTk-HLZ8Yoj5rTrXdFeB5EGf2Zl9ntBYxCgkzkSriw0SqXMK0fjFgMVMG1D6EoGJFf7498GGYxUfJa1gLncqXN7Er4fjrirCpw2afQJDg_rBbtt3KF3xnC3hB1-wSMFezAQ1Q4Fmyc6WblsQG6R21Tg7D2BvjnBGcR3i1hnAS0tfVi2ZW8gLt6XdXV6GX14a9ROimcnHHSN9NO349xwoBrAs5ueQiXJHWeL4nGhRVCZ_atyyNi28bwt1kR0e3-uWi1Jq1wgOiV_MiQTleJiBXAqf0k-2-jyBHvPfN91MF09iWs9EVVToA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 8443
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1854208/76774455/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014933263&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=20808097378&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

17 B
465 B

42ms
42ms

Script
application/javascript

2600:9000:2304:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2304:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:45:55 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 12585324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: ZtvZjexClOlbT2_FbRWJHbjFGB_93CuL1-DkcB1ReGc26s0QQnLuiQ==

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:18 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4B79 91 KB
92 KB 47ms
47ms Script
application/javascript 2600:9000:2304:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 23212980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: QtUJO5EIXUtEpFGKdFn94Bm8a_XXY5vF2osUbjZikaHGVbsK9fS4_Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
216 B 582ms
192ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmmSu,pingTime:-3,time:301,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:301,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:289%7D&br=c
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 585ms
196ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmmSu,pingTime:-6,time:301,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:301,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:289%7D&tpiLookup=ao:tr.projectunderstood.com*&br=c
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 587ms
207ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmmSE,pingTime:-2,time:311,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:879,beZ:880,mfA:1156,cmA:1157,inA:1157,inZ:1159,prA:1159,prZ:1164,si:1167,poA:1168,poZ:1177,cmZ:1177,mfZ:1177,loA:1180,loZ:1181,ltA:1190,ltZ:1190,mdA:880,mdZ:1133%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:311,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:289,sinceFw:22,readyFired:true%7D&br=c
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 2FD3 32 KB
11 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 17:05:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8443 0
0 97ms
96ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwj4_47O-1gWBS_WHTC4KJLVH1BQtlrtvzSvBIkuR2jFqOEEb3yAX4AXm9w-X11pPiB55U-rkvedRmLC8F9WpYgC2Y9Hp6RWg9guFVNw174vfqclqLni1AaxgZB2LHPenBINj1L3kDkbC7KE7QcvS1SZZ4NQb9dV-ERnxGmNc3dX0Y0IP3v4zTDabQLfup3sS4LVTgQoNelXMQZx8hx-ulvi1rI-x47ATECBlNJzP7p4KwSv059x1GRvroXdEb4xCzHqcC9hiPFshgO-T4nBlVVB8V-0m4msFVzS5NPstQWwvw-hPXoh9-NnNzJSGT-2QV4po3awauLcDIGGxtHkNG_6GJNIXZzs-vPdgjeuNPsLdVsyLfz38FGAsjjZrJFrC4yMHPCv_jot0LLeC51CvWoVKemPRXBy8pwlwI_2yo66gjPKPAI79CfNiRlth_Sf8A6jNZZwhkMc3TaP63Ve3-Nf_3l1KG2NQx9n-TbbWikraugSZS2p7Ul26NKxsskIv4xBFAt1agTgqHWJmYc9hlRmdNsFbpOsfbxGWfOh8jhNkQOK9He5bZzyXvsvcglSV5fmy4ZP7rBOhy0AdpPm-bn6Ox-DD8KSryalG0eFsbUJghxqsdC2u4WuPpvB2HvRzRMqHBbxQt93u3MvRysrzwcBnG0w-GJ2U7WHQoiY8X0vDx1qrvwhWhvFVtRKejWUKL29mMGnTIZ98_ukWG3in6RI5ql-n0nJTMoYRausSpyM1fa2uj0lJc8DmJ-ND3-IUxQ7IiU4En0lbD2n-y-03HL88YwS20abPfciQ3RY6T3SRKZnYrWLNU-Le_bMLLp2ujVZLEjy_ZaINSSuiiee65N5--v8uRSFMJg54jcI4XHB8QuP3S-0YPubRYMaHqU_Je8gYnSmZ_5mheY1GBLbucWGGNlh6B-qZ2tASnZTPVyM9EN31mmisXPhCz0-Mkm0gspZ75VQrV_wMYprqxkFrKpZ0W7RwR1javdUWET1yuoSX5LI6wT57bSzkRPI94Ok7x9y3hKSY5Q1pEC5NyrZ1f8_7Z_zMNnpUoi4K1ual5pvxh6Omb2ftNjoGFELcWWZ1oThrcSJVcUDicWS33omtVW4GJF-IS_UCDhgeSNno4Vszv_irZw4lCdqmqeBs-Un52_RTSCh4n5-61jQqu7u9ef5EsWRdC9i3F7YUjBzg7dnAfM1F8Plj80DnEozGnBNvC72OeARbpJjWecEIU1M5KgaYAd6cDV8sC5r5n0hT-jedgr95VTS6M58Nr3hYk78k4cimnGbNTwdyahNyHC6yWevtRe-f0wlZExKqzOvqlFwSVATxkOQbE5c-opmv_YfjOMbTzAxqZHmtraXy1PZrGpSJuOtqvqg3lmptTlRtOWLR_y11uMkbKT_wf7_jO-u7p1ooCzEk__V4Q-YFVGAXlXiRAEnSvcAIt20yM-ncUYZnCfRD8whEQa39yoeuLy58QGaQidUBqPxTB-4Y9qa4W3k6pFmFOeXNww-7s78l12SA0_MRul63hgvYJr6ZDvA&sai=AMfl-YRlEoVNj0UGhOJgX7rjcqhEpqTZ7_WZRK_c7FawFCegddYV0eQxJWq10l53DJtNU8MFvMIQhjpCsm8qfA9pwkmVKqVo0Ntl1HhyB0-1DRSKEFdO9IqBgsvnQAuugitIJO3lcVMel0hw3c1l6AXbLy905Bfz8EkJ-GBTgU3rgSrRAOJFHAZO3kwUkiU9FHTe5KdY9YrzN2UgsU3RkrY79NIW5daQ4LQpU2Lh7HlD2c56OEdih0AAJy_Cdd22GqVDRHTPZVr8c9-e3dlrvD6kiLvfeywQVQ4R1AP5X1itE_kOd7HGtiS0UReCXXcpSZQ&sig=Cg0ArKJSzBa9yTWP8UDWEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=729&vt=11&dtpt=356&dett=3&cstd=372&cisv=r20231129.85456&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tr.projectunderstood.com
URL: https://tr.projectunderstood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:41:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MM_Logo.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 3 KB
3 KB 76ms
76ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/MM_Logo.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56117de2cf08b5d0327cc94bf47e7a4fe556920874f080e5eb7b02cb234e3bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2724
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 SA_Logo.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 2 KB
2 KB 145ms
144ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/SA_Logo.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

908f6906d3570603577f7e7cbd42273756c4cb6aac3c2b8cdfde852c9b80f4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1972
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 cta1.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 1 KB
1 KB 118ms
116ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/cta1.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49b092f42f9ed5e7b25e9a5c5609686048d37e667faac9ada20f9147f0c8d911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 28 KB
28 KB 90ms
88ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Prod1.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f515c2beba72b4755f00a586ebf9c2b5841f573b014634de932c708d4750637a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28762
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 3 KB
3 KB 82ms
81ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Preis1.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2771ac48a5ff1e4321e0d8b46d051407faa5286ce54c8182a98f83d0b3a64392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3466
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 Visual2.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 15 KB
15 KB 118ms
117ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Visual2.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

364e7d9579b7bacf0b896fc736b8df46151f5a58c5c3ef29316a0de760f534f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15248
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 1 KB
1 KB 80ms
79ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/cta.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cda435b0a19fc100b73f0d7db0df2008fd76ca1bd3ad1e6e131bde7a26fd873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 02:07:41 GMT
x-content-type-options: nosniff
age: 228818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1265
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 02:07:41 GMT

GET
H3 200 Visual1.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 2 KB
2 KB 177ms
176ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Visual1.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8bdff1f9c7de9c2b8941b2a6f97255f020d997f65635777212f0f84012ed44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2470
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 11 KB
11 KB 192ms
191ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Visual.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8673e6024b8c4c4c4c3e59ec5f58a99fda9c42942f2f08c5772cbe0d64ab26f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10877
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 40 KB
40 KB 145ms
145ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Bild.jpg

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c6f44e9902b0c50233f3f80d8fab2a49f14e3252551e943ed40e9fb368ef42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:33 GMT
x-content-type-options: nosniff
age: 107566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41096
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 11:48:33 GMT

GET
H3 200 Gradient.png
s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/ Frame 2FD3 9 KB
9 KB 181ms
180ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/Gradient.png

Requested by

Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b80a97004f7accf1167f5fc09e36a10dfbd72228e78af954b201ec9681129ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9009933704752229913/SAMSUNG_LED_TV_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:27:22 GMT
x-content-type-options: nosniff
age: 461637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8933
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 13:29:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 09:27:22 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 223ms
193ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmmYh,pingTime:-10,time:660,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701538879089%7C%7C9d828ff931d44fdde10fd7bd0f64c52a%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7Cf5e561f32624a858e2a4ab55020201af%7C%7C3221919da89c4bf2a44c5757146769e0%7C%7C9bacc1db89bebd395e655b2d64ba211c%7C%7C33ab817063e3ff9b5dac673b8088bc16%7C%7Cf99f003204b893264bf75f94a5fd867d%7C%7C1663701684%7D
Requested by: Host: dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
URL: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8443 42 B
174 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutgr_MukTAUC0jmlynQP2VDSPBL1dRVTDYEv6NayeEramT7PPErImfuwFdLzSma2jITs0VRa4gmnEri6D_IsfSAZ6zjXkZb_ts-nxZjawgCOa-SBsUnRSK6_nRvw3aNNvFoznSrUl3mWZw&sai=AMfl-YQvpZhUbAM8bbfS9LjkKnj4wNGTx3n3nDZ8uPbvgGwHWLzhUabwRRnFUWxy5F8GxD1zJEQ0CTo4AoC9y0qKMMFQ6nBakl4e4NV-hdc9xY6z_WfxpHWoODw3K2KqjaLRxN814sopycEskLr5BrnxcBfrTUu5DSwnjRw&sig=Cg0ArKJSzMl3X2BqqsQFEAE&cid=CAQSTgDICaaND5f-MuL5EJbmRfF9-3Pu69VViNCbtGzRtUYObBk_97gUkQA5PKb7ZIq2YikgKT-dAaCq82ZwXIQYMJpxHpSENf5D-LcQeUvrRBgB&id=lidar2&mcvt=1000&p=219,315,469,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1025734935&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538877550&rpt=710&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5975 42 B
64 B 113ms
113ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzR_vG8vH6q8jxVQtAt0NA3HQIUliCcmRQJDMO93YPhrdHOBCpH25i5Ky4eduzgtiJ-TPc7xFDqkOjv9Ijzl9GWr2xwYqL19ZcQNMAu2O2X0H5l2PtjdSDkKmVHzukM_-NCZjpf2L3ljRBaYwoy9_YBzntx9m5GbAiXk_dPL9IdqS8XvA096tEo9XQ2uls3wUs6kLdweT1fn8YHzILeoVLydNkoOQ58SSey82uUpW7UNUG5ypir_HRhgf36kSwLRJonIgdb8qkg89FQwLNCEibkwCMMn0DMkqlp8tmVar6vtPTUCqLUGUAOQ4hAZdibav4iI5nD96oOeihSiyGZ1MMwFK_Fklf8oLeK9yQy_vkK0hpgvyx7z-BnI2AKTBOkc14BTGjMzZbhqRDel1tGcNcLJm3HIvIl7q3Jfh1un_g8tVRaXqcS5nXI4hAKukzIXaLCqVAUsw4BMfGpRCFXv4CAEe2hC_fvZ8TD-Z7CN2xq7qprD8FsrdqIkYHFbg6wx2eeezuqMK14peDJ2Hl1jFbhn3cFmABvJ8UrhhnaGIwPS_7GgNnEBK_AuLZKCAIEZcNv6ZsMDHzeTNOhBkQ-ePbgc5SZD8tEebIAFG2xaOE5QsTXj6h3snhM287qc3CYQRI9baoY7-S1v5OteV57NwQTIcWijKwtgcfUOmErviBgtQObxvJ3J-wCg7gUrCrcY2j_Q2EykzAsDz5EcO7Hq-CvfRC1VcYbBJvJOjVBP2m0vHkmsjA5i75uUraJGvJpW3ruMuQ6foTEcLbDv1g9MNK_0fRMxKV4IpKND9L5PA9kTRhY01zsAySOpyVscNGoWXgAz6JbolF7N6b-hUdTjnmaIYnUOQ-_hZ-R7WWyvi4klHR_NYPFcpAQO3QZyEHd5tdrk7x-sXKMkes_wbRkb6gJRwn1Y6im11K_GnC-Cp3O2x2Q1gsQ9hs3fhmXu-gD2iOzTsyX5d_QsmFRNuRpmXVhhXFcmOlzdV4A5lcZLI5hhOReII9U5z0xUdCAPk_0CcBky4XLCwJuRovOiveD1VpfuvKkGCbOsR29EkWNbMR8cVPVgQ3WZejP31PBigdvmkqT5-2alNp69RdEto45eaoSS-YacSBp3UXuor07BWkyqObkQAJDre5pq3FezZAK83p90hEhqjyry8XJfp_FaAcWbbWjQjjbn7vcyTAj1h1lkT4bOvebXrXbqikn-hfMFhUopZPP3hAmUSY5npL6Xz1B0AwEq4kmwM8qc9ogCQkx8S9LCd5AQoJByTQtKag_c3zoRSn37RdUDGCWVjw8RMxKbnEGs1yEM04DEG4HG5MCFdMEsOKsJ2bEEIyR4GR-PxJjQeAdWuI_sdZ6creg-Cn_ZlvYEf7m6T6_jASxUKDuEgH7CTfu6B_XT3UarC4b5XnQJ2UcrhcXMPyleqCnz5WaCL7dQkPRxoOfZn0oTd7p77Sbr8MGwnmrWc0NEE-wvCI6M_1M4k14nOhSyjI&sai=AMfl-YQXlUpPHy1714Ec1KHrKrk2hs3CsiFgIoDwdB5Eg66rCbweOl7p2JdRjsvpQndOFdbjvMOwRP-Ivw2SiEieGqsCIKSvHLPHUGAGsPE26h2EbbkpkCszTJBuEh7OYj0Dw_UDawhiugAcRvxlc6H3rzNqE6UsUwLj9uxxHrfpNeIUflDpQxVQ&sig=Cg0ArKJSzHYYCS8nK8W8EAE&cid=CAQSTgDICaaN9XLMghsuAYpwzsvhJOhMeKCzHtNJfRcVrtDRuTgZDU95kMyCdO42dwtO2OiAAX9Mk51cFzxKFCh6GSBggCRodRDJKHElVXGKohgB&id=ampim&o=315,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=435&tls=1435&g=100&h=100&tt=1436&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tr.projectunderstood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 192ms
192ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmn94,time:1329,type:e,im:%7Bpci:%7Btdr:1003%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:24,o:1305,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1026~0,0~100%5D,as:%5B1026~970.250%5D%7D%7D,%7Bsl:i,t:1305,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~100%5D,as:%5B24~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:589,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:289,sis:420%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:19 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1745145623244&version=m202309260101&ct=76&x=1&cor=17905860717562140000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 194ms
194ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmnoO,pingTime:1,time:2305,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:288%7D,%7Bpiv:100,vs:i,r:,t:1305%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1305,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1026~0,0~100%5D,as:%5B1026~970.250%5D%7D%7D,%7Bsl:i,t:1305,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:194,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:289,sis:420%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:20 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8443 43 B
215 B 193ms
193ms Image
image/gif 2600:1f13:800:7782:a96c:a327:c5b:2536
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1854208&asId=67e4a3fc-8be4-4fa8-b0c0-e36ab478591d&tv=%7Bc:vFmnoP,pingTime:1,time:2306,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:288%7D,%7Bpiv:100,vs:i,r:,t:1305%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1305,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:288,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1026~0,0~100%5D,as:%5B1026~970.250%5D%7D%7D,%7Bsl:i,t:1305,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:194,fm:tXiXJgx+11%7C12%7C13%7C14*.1854208-76774455%7C141%7C142%7C143%7C15%7C1611%7C1612%7C17,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:289,sis:420%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a96c:a327:c5b:2536 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:41:20 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ds1.biz/	1970-01-20 17:22:10	Name: uuid Value: b236ca7a-7ba5-4c16-ada3-a0c109d2421c
.yadro.ru/	1970-01-21 01:23:20	Name: FTID Value: 1bQsmy1dNy8h1bQsmy003Tip
tr.projectunderstood.com/	1970-01-20 17:22:10	Name: _pbjs_userid_consent_data Value: 6683316680106290
.projectunderstood.com/	1970-01-21 01:24:34	Name: _sharedID Value: cae2bf10-d390-4979-a28a-57e0a46a4c5d
.yadro.ru/	1970-01-21 01:23:20	Name: VID Value: 0HoqKa1Lhb8h1bQsmy0038gW
.projectunderstood.com/	1970-01-20 16:38:58	Name: lotame_domain_check Value: projectunderstood.com
.criteo.com/	1970-01-21 02:00:34	Name: uid Value: 194f0dfb-f227-4498-93e1-8a83b444e029
.criteo.com/	1970-01-21 02:00:34	Name: receive-cookie-deprecation Value: 1
.projectunderstood.com/	1970-01-21 02:00:34	Name: cto_bundle Value: Bkc-UV94eHRlelY0NmRrUkFNVEQlMkJyRnVYSlNCaFYlMkZPUzdwM1VzNXVyUmZiSWFUVnhmdEJTSnlyVVQ4SUc1ZXJBcmM0WjJwVW9PNVB1aiUyRnByd2k2JTJCTVoxc3RDTGVwMERPWG85aG5wVWlEZ1A4d2NEVCUyQk9hZlpwNmRaR2o1QkhPRHZIaG9XeE41bmpBJTJGTlZhY0ZWbng3N2FTY0RTelJueFBScXk1TWFpYkhTczFBeWclM0Q
.openx.net/	1970-01-21 01:24:34	Name: i Value: 8139c760-aaa3-42a9-b149-ae6269df5218\|1701538877
.doubleclick.net/	1970-01-21 02:00:34	Name: IDE Value: AHWqTUnqH6Wenk250YOcFsXpkQTKtaavSapSPFMnWDRuRqvQGVGVPUSeRnlwXw7D
.doubleclick.net/	1970-01-20 16:38:59	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-21 01:24:34	Name: CMID Value: ZWtsPZ3to2PWzmkKGuUQcwAA
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPS Value: 1158
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPRO Value: 1158
.adnxs.com/	1970-01-20 18:48:34	Name: uuid2 Value: 2188003121433597327
.doubleclick.net/	1970-01-20 20:58:10	Name: APC Value: AfxxVi7jWsHSInOOZvhewwsGcXOk2VGh2iLOX1kM65x0lwOUHDF-Qw
.adnxs.com/	1970-01-20 18:48:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlddxQ8'!]tbPl1M>e)ZlrFUfJ+tGXxo<QJl6qX7uu6Fo''>C[-m9Iddts[80.iGOMn93If)y3KL9D3I?+qOKTf5
.projectunderstood.com/	1970-01-21 02:00:34	Name: __gads Value: ID=24a749d12fa327b0:T=1701538877:RT=1701538877:S=ALNI_MYqGGI782Hjxw7iohUvMzfDc7Ea1g
.projectunderstood.com/	1970-01-21 02:00:34	Name: __gpi Value: UID=00000d019fd3e444:T=1701538877:RT=1701538877:S=ALNI_MYhSXjy5Lo_JdJRhTbXSg6qD82-kQ
.doubleclick.net/	1970-01-20 16:39:02	Name: DSID Value: NO_DATA
.bluekai.com/	1970-01-20 20:58:10	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:58:10	Name: bkpa Value: KJyN0AWvQY9xxBcENBqHSDyU63SnH9ABoWQB7qXyVdfcPh5nPOT+tK7QhOvQnp+7Y4smVE3zmjDZYt2FV6/B7o3+NHeXS/ezMt5P9hR66S9qkI2NOZO96Q2iO0Ez
.bluekai.com/	1970-01-20 20:58:10	Name: bku Value: ts6O9e8LStVMJR1+

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
counter.yadro.ru
dbd7af56879dbc005a72c819dabf9d5e.safeframe.googlesyndication.com
ds1.biz
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
projectunderstood.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tps.doubleverify.com
tr.projectunderstood.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
130.211.44.5
142.250.186.162
142.250.186.66
162.19.138.116
18.239.18.33
185.89.210.244
2600:1f13:800:7782:a96c:a327:c5b:2536
2600:9000:206f:2600:f:a31d:75c0:93a1
2600:9000:225e:3000:11:a4de:2580:93a1
2600:9000:2304:1e00:8:48e:53c0:93a1
2600:9000:2447:ec00:a:e047:753:a221
2606:4700:10::ac43:266a
2606:4700:3031::6815:3e65
2606:4700:3034::ac43:ded3
2606:4700:3037::6815:55ef
2606:4700::6810:5514
2a00:1450:4001:800::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
34.102.146.192
34.120.135.53
34.96.70.87
35.244.159.8
54.170.64.73
54.76.149.61
69.192.160.219
88.212.202.52
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b80a97004f7accf1167f5fc09e36a10dfbd72228e78af954b201ec9681129ac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c134dba842b45b5f70eb86f2504bec4beb54b274ce6073e3be3c815b011ede0
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
23b1762b8a6a1845e8915181a994255ef2259eec624e034a8dcd6adb8816603a
2771ac48a5ff1e4321e0d8b46d051407faa5286ce54c8182a98f83d0b3a64392
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35849b3fb57c3205f49d0df25bafb135d043de21bcfab81124e9d82009da0000
364e7d9579b7bacf0b896fc736b8df46151f5a58c5c3ef29316a0de760f534f1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3993aaef1fdc1440f898301200ff8d31490dd08f03fe787513c62d9da5e034df
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49b092f42f9ed5e7b25e9a5c5609686048d37e667faac9ada20f9147f0c8d911
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
558073f842416b7972ae28b7fd616036d5c24f917c599de7673ca8efbffb9183
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56117de2cf08b5d0327cc94bf47e7a4fe556920874f080e5eb7b02cb234e3bdd
5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cda435b0a19fc100b73f0d7db0df2008fd76ca1bd3ad1e6e131bde7a26fd873
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
701e831e9e856519e112910b628f6809744d42231df3db400d6f852c96df7c51
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
736da40e5af0afa88239975c23564bbf0b9ae596240190ec05e7c82b3953f6f4
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
8246163d437186835f2f43c99a5285b1dcda302dae29bca1c038028bcc25f52c
8c600955bda18251f148c00a5f5e5277e6348c48310b95fda5a46d714cd81886
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
908653e565065624258af55804140c34816635950acf4fd4d4b640701ff774dc
908f6906d3570603577f7e7cbd42273756c4cb6aac3c2b8cdfde852c9b80f4e4
94f2f09efe1f39eb579729aad1ef06f35cdc4376c9c3ce45316fc735c4ad2e05
953931d9ee3cb8318ba361a299c4646860d87be959540d9918947df8a272dfc7
96d17e14de35a5fbb25b8f57a78582500d70b8c700026a17a12a920163568bb4
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dc9c082b165d273cce21481b4bab4db160c5c58093138cf997fd301e161bd91
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af28e1fa0b7aabfa4a23153610823a18f340847984b430a7aec34e7bc96176b6
af2b59089300d371d58015a7e2fcc2cd71251a6f8df7dcc6b2039d9c7a93c7a2
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
ba462692b44ec826922965ea262e87e2fa936c82383982380b10b898444cf90f
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c3a57ce4f8d9c8aa6783e3ccf19c9b1a0a4a486630a725009084c1223419cabb
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c72e519279e29b3811f910204dd1c7755411ff3c6e145f1cec2fd1be22a19a20
cfc3639783b53cb6fac8067a01bef53d2f1d98eb83089c2ef7f1805a8a360521
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d8673e6024b8c4c4c4c3e59ec5f58a99fda9c42942f2f08c5772cbe0d64ab26f
d8bdff1f9c7de9c2b8941b2a6f97255f020d997f65635777212f0f84012ed44d
e27d69f624b261e7a58aa22495e406ccd13705f25161affd1d875ca7531e2ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e6a1d72ce09ab03a2e8085c37683f627e0242d1549f5c413730edd75486a85e3
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee4faf9ebab090bf9695dfdc3bac6c59a2d78a57fcc66745ebb2d06e8b2b9fbc
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4887cda91a3ccd88b86a3ab02dd1dbefa8afc03b08280c4b8ad770f7a8051a0
f515c2beba72b4755f00a586ebf9c2b5841f573b014634de932c708d4750637a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c6f44e9902b0c50233f3f80d8fab2a49f14e3252551e943ed40e9fb368ef42
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

tr.projectunderstood.com Open in urlscan Pro 2606:4700:3034::ac43:ded3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

94 %HTTPS

62 %IPv6

27 Domains

40 Subdomains

40 IPs

6 Countries

1638 kBTransfer

4479 kBSize

24 Cookies

43 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tr.projectunderstood.com Open in urlscan Pro
2606:4700:3034::ac43:ded3 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

94 %
HTTPS

62 %
IPv6

27
Domains

40
Subdomains

40
IPs

6
Countries

1638 kB
Transfer

4479 kB
Size

24
Cookies

128 HTTP transactions
3 data transactions