mysteriousuniverse.org Open in urlscan Pro
172.67.67.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mysteriousuniverse.org/
Effective URL:
https://mysteriousuniverse.org/
Submission: On February 16 via manual (February 16th 2021, 11:54:51 am UTC) from NZ

Summary HTTP 210 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 35 domains to perform 210 HTTP transactions. The main IP is 172.67.67.46, located in United States and belongs to CLOUDFLARENET, US. The main domain is mysteriousuniverse.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.

This is the only time mysteriousuniverse.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	172.67.67.46 172.67.67.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	152.195.132.161 152.195.132.161	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	34.200.78.134 34.200.78.134	14618 (AMAZON-AES) (AMAZON-AES)
10	3.123.191.65 3.123.191.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2 11	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
2 4	54.74.225.211 54.74.225.211	16509 (AMAZON-02) (AMAZON-02)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 3	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1 2	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
210	40

50 172.67.67.46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mysteriousuniverse.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

adncdnend.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.132.161 (United States)

ASN15133 (EDGECAST, US)

revboostprocdnadsprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adnimation-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.200.78.134 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-78-134.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.123.191.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

mysteriousuniverse.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.74.225.211 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-225-211.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.216 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.13 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	mysteriousuniverse.org 1 redirects mysteriousuniverse.org	2 MB
37	googlesyndication.com pagead2.googlesyndication.com 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com tpc.googlesyndication.com	495 KB
21	doubleclick.net 4 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	447 KB
20	ampproject.org cdn.ampproject.org	388 KB
10	sharethrough.com btlr.sharethrough.com	1 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	11 KB
8	33across.com ssc.33across.com ssc-cms.33across.com	4 KB
7	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	22 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	openx.net adnimation-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
6	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	2 KB
5	pubmatic.com 5 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	35 KB
5	gstatic.com fonts.gstatic.com	63 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	udmserve.net udmserve.net	4 KB
4	azureedge.net adncdnend.azureedge.net revboostprocdnadsprod.azureedge.net	93 KB
3	googletagservices.com www.googletagservices.com	80 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	623 B
2	adform.net 2 redirects c1.adform.net	637 B
2	quantserve.com 2 redirects pixel.quantserve.com	910 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	51 KB
2	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	cloudflare.com cdnjs.cloudflare.com	389 KB
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	simpli.fi 1 redirects um.simpli.fi	624 B
1	mathtag.com 1 redirects sync.mathtag.com	598 B
1	technoratimedia.com sync.technoratimedia.com	299 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	585 B
1	google.be adservice.google.be	803 B
1	disqus.com mysteriousuniverse.disqus.com	2 KB
210	35

	Domain	Requested by
50	mysteriousuniverse.org	1 redirects mysteriousuniverse.org
29	tpc.googlesyndication.com	mysteriousuniverse.org 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com cdn.ampproject.org
20	cdn.ampproject.org	securepubads.g.doubleclick.net
10	btlr.sharethrough.com	adncdnend.azureedge.net
8	securepubads.g.doubleclick.net	adncdnend.azureedge.net mysteriousuniverse.org securepubads.g.doubleclick.net
7	ssc.33across.com	adncdnend.azureedge.net
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	pagead2.googlesyndication.com	mysteriousuniverse.org securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	4 redirects eu-u.openx.net
5	www.google.com	3 redirects mysteriousuniverse.org 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	match.adsrvr.org	2 redirects eu-u.openx.net ssum-sec.casalemedia.com
4	googleads.g.doubleclick.net	mysteriousuniverse.org 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
4	udmserve.net	adncdnend.azureedge.net
4	ib.adnxs.com	adncdnend.azureedge.net acdn.adnxs.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	image8.pubmatic.com	3 redirects
3	eu-u.openx.net	adncdnend.azureedge.net eu-u.openx.net
3	static.doubleclick.net	7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
3	www.googletagservices.com	revboostprocdnadsprod.azureedge.net securepubads.g.doubleclick.net 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	adncdnend.azureedge.net c.amazon-adsystem.com
3	gum.criteo.com	1 redirects mysteriousuniverse.org
3	revboostprocdnadsprod.azureedge.net	mysteriousuniverse.org revboostprocdnadsprod.azureedge.net
3	fonts.googleapis.com	mysteriousuniverse.org securepubads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	us-u.openx.net	eu-u.openx.net
2	pixel.quantserve.com	2 redirects
2	sync.1rx.io	2 redirects
2	secure.adnxs.com	2 redirects
2	js-sec.indexww.com	adncdnend.azureedge.net ssum-sec.casalemedia.com
2	static.criteo.net	adncdnend.azureedge.net static.criteo.net
2	7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com	mysteriousuniverse.org
2	mug.criteo.com	mysteriousuniverse.org
2	www.google-analytics.com	mysteriousuniverse.org www.google-analytics.com
2	cdnjs.cloudflare.com	mysteriousuniverse.org
1	pixel-sync.sitescout.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.technoratimedia.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.go.sonobi.com
1	ssc-cms.33across.com	adncdnend.azureedge.net
1	acdn.adnxs.com	adncdnend.azureedge.net
1	adservice.google.com	mysteriousuniverse.org
1	adservice.google.be	mysteriousuniverse.org
1	mysteriousuniverse.disqus.com	mysteriousuniverse.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	apex.go.sonobi.com	adncdnend.azureedge.net
1	bidder.criteo.com	adncdnend.azureedge.net
1	htlb.casalemedia.com	adncdnend.azureedge.net
1	adnimation-d.openx.net	adncdnend.azureedge.net
1	adncdnend.azureedge.net	mysteriousuniverse.org
210	56

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
mysterious-universe.myshopify.com
store.mysteriousuniverse.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sa348gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-17` - `2022-05-11`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
udmserve.net DigiCert SHA2 High Assurance Server CA	`2019-07-15` - `2021-10-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google.be GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://mysteriousuniverse.org/
Frame ID: 23E96E8258B0F1ABF8D8E8192210A274
Requests: 110 HTTP requests in this frame

Frame: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2253AD2980071DDC17CE5C7915D0D42E
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 96BFCD14C6E12A193EE5C5838EE676B0
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: CCE3602B883C9E61E0443718E71D0229
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: D4B0F8F5C9EE124B6201153B50846A6B
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 73B676DE67C9AE6E383CA441A1551332
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 074BC5FD7B1637BB3F6CFCF436871548
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 85197BCEE30CE60B765EA2FE9FDCCE67
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=mysteriousuniverse.org
Frame ID: 0D6C7437293EEBE6B70DA0891EE9368B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 20F36422264C6C70D9C6E95F026FBF52
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Frame ID: C474D204BFCF776280B0CFD63D30B314
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A32FFA9A910580C8A7B500EA8F1A6C77
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dhaJtmHSGr6ykdaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 73D474CC4A93AE68C2731DEE6F0591BD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A67B50FFF78A72832B34126FDFBF7F50
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mysteriousuniverse.org/ HTTP 301
https://mysteriousuniverse.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

210
Requests

98 %
HTTPS

36 %
IPv6

35
Domains

56
Subdomains

40
IPs

8
Countries

4159 kB
Transfer

7675 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mysteriousuniv

Search URL Search Domain Scan URL

URL: http://twitter.com/mysteriousuniv

Search URL Search Domain Scan URL

URL: https://mysterious-universe.myshopify.com/products/megapack-2008-2012

Search URL Search Domain Scan URL

URL: http://store.mysteriousuniverse.org/catalog/mega-value-pack/
Title: Buy Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mysteriousuniverse.org/ HTTP 301
https://mysteriousuniverse.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmysteriousuniverse.org%2F&domain=mysteriousuniverse.org&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=rmqvVHx6MFExM1pzKzVKek1IMllpWlZQTWFGeWNWOUlDcExFTS9GSGZPeTBVUlhEMCtiVmZBSUI1Y1VhOGprM1hGdzFNTEdVWkt0SjUyNmtzSExvZ3d2dzZxMk5aMVI0bExaeHRXVUhJRXI1UjdZZmZZK01UU3NZRkRkbkZWSytmZFNVMjY2Tmtzd2xtN0xMRUJQZkNCRUtCRlZHSU83RDVmUVl0L0Q3UzZUZDExOVlhT21TbFZYVVZEWDFDa25wcUJTSERQTTNvZFJHanFFMENFWkFMcjJXYWhwUHBXZjZlR0ZSOTBZanNEL2JIekRjPXw&cppv=2

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 190

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3574069893829030642

Request Chain 191

https://sync.1rx.io/usersync2/underdogmedia HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3302084478 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3302084478 HTTP 302
https://sync.1rx.io/usersync/tradedesk/5aa5c8a4-3d8b-4674-a175-55a376f385f5 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Froid%3DRX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003 HTTP 302
https://udmserve.net/udm/fetch.pix?roid=RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003

Request Chain 193

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUJDRUUyRjgtQjQxNy00NjNDLTk1OEMtMzQ4MTRFNzhFOENC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D1BCEE2F8-B417-463C-958C-34814E78E8CB HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=1BCEE2F8-B417-463C-958C-34814E78E8CB

Request Chain 194

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d67602b-b275-4900-9d3f-6e427ae4eb36

Request Chain 195

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0rFjqIazZv_J42Os3eB8rIDlYq_Jsmiuh-cj7TDL

Request Chain 196

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=842875601262468215

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOK_H85SCNsmbkujoXFHknk&google_cver=1

Request Chain 200

https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 202

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB&dcc=t

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCuydbRDgVpleykQKV0-xQAABJIAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENkIeLXG6kJTg1zJgdHwOms&google_cver=1

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCuydbRDgVpleykQKV0.xQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0sX6miYQQxTz5iw7ipVq4&google_cver=1&google_hm=2

Request Chain 206

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8FC11585A53945EAB180537F0E58038F&gdpr=1

Request Chain 207

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616068469

Request Chain 208

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YCuydgAAAJsh9SrK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCuydgAAAJsh9SrK&gdpr=1&_test=YCuydgAAAJsh9SrK

Request Chain 209

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mSOXfM0hkiuCcZd4lnKIeMt3lnuCIJx6zHVEHmD5

210 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mysteriousuniverse.org/
Redirect Chain

http://mysteriousuniverse.org/
https://mysteriousuniverse.org/

86 KB
16 KB

1335ms
1289ms

Document
text/html

172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed19e4874ec0c4720df74ac33d1ed97bf7ccde9ddaf6aab40a52312a287a40e5

Request headers

:method: GET
:authority: mysteriousuniverse.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2ae65679947ae700658c095296ccdfae1613476464; expires=Thu, 18-Mar-21 11:54:24 GMT; path=/; domain=.mysteriousuniverse.org; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-cache-enabled: False
cache-control: s-max-age=604800, s-maxage=604800, max-age=60
sg-optimizer-cache-control: s-max-age=604800, s-maxage=604800, max-age=60
link: <https://mysteriousuniverse.org/wp-json/>; rel="https://api.w.org/"
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: W NC:000000 UP:
cf-cache-status: DYNAMIC
cf-request-id: 084c4a1e0500004c015829e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m%2FyIVEAn28uvkjpI0fKuTOH1x37Eqh4%2BVsZ1sn1OLKQz6ALz4SWzkHtR4gDfp2r8hcKXGN7jwWA9c9Ftlh7hgiXlmYQQu8yfRN%2Fk5u%2FYgr%2BYOymEkB0r"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 622712dcd8004c01-AMS
content-encoding: br

Redirect headers

Date: Tue, 16 Feb 2021 11:54:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Feb 2021 12:54:24 GMT
Location: https://mysteriousuniverse.org/
cf-request-id: 084c4a1db00000fa9c8a8f5000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FkyAVdrcQu%2FFOVNw0z%2BfFmHvrjHWBOq3qN6gUI4BmfEmOm9dH4kNh7csuMe1X44XFHnaMM39zzWBS2vZazUpH7BGHzJa3zkB8QpiK7WBXpfLHQm7GEgd"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 622712dc4b5cfa9c-AMS

GET
H2 200 style.min.css
mysteriousuniverse.org/wp-includes/css/dist/block-library/ 53 KB
8 KB 76ms
73ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8855910
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231700004c013bba5000000001
last-modified: Sat, 05 Sep 2020 13:11:14 GMT
server: cloudflare
etag: W/"5f538e72-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PyWcFQctC8awWSyL1dRCOYlvABesYqlHgoePfmZYZemEoOZO%2BoBWX0m5jin5WsIkF54QmfqeABJHAfHX7Jeh8DZMgq6kboV070LDAZamzEcpIV0g4eDc"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4ee5e4c01-AMS
expires: Fri, 05 Nov 2021 23:55:55 GMT

GET
H2 200 blocks.style.build.css
mysteriousuniverse.org/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 42ms
40ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cd1d26474ce5b3da3a5167accb4460197ae0e15a10d99dabb3e0ac35510bfc

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9102223
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231600004c016e3f8000000001
last-modified: Wed, 04 Mar 2020 17:45:48 GMT
server: cloudflare
etag: W/"5e5fe94c-6c4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TyC7iWZ2YSNqOGvvTS1FqDQpu2M0mV%2BSalPrSlBXxTU5xnj2ynb%2FdkLWlbO2f4KDUrIihGgpSZla%2Be0zjb8594woiooMJ1H%2F8X0gVxKurNOtXnsnOKSY"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4ee674c01-AMS
expires: Wed, 03 Nov 2021 03:30:42 GMT

GET
H2 200 ewd-ufaq-styles.css
mysteriousuniverse.org/wp-content/plugins/ultimate-faqs/css/ 13 KB
3 KB 41ms
38ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/ultimate-faqs/css/ewd-ufaq-styles.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e4f37120fd559331e37e0e1b779ce9b54edbb1a16dd72079ed22485b6997cb

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9102223
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231700004c012b957000000001
last-modified: Fri, 18 Sep 2020 05:51:38 GMT
server: cloudflare
etag: W/"5f644aea-3391"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z9CtyYp2F79Oj4PNvj9%2FFaoXg6IGA0E2CfXGmvKdwkH0km4nHKczZYVFWjYELp53fAk3iDSHa%2Bgcfxq5VS%2FrwyoV1cZmoX3UFhmpI8T0Evfn00pDdVEg"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe6c4c01-AMS
expires: Wed, 03 Nov 2021 03:30:42 GMT

GET
H2 200 rrssb-min.css
mysteriousuniverse.org/wp-content/plugins/ultimate-faqs/css/ 11 KB
2 KB 41ms
39ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/ultimate-faqs/css/rrssb-min.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e9aa918485075ccaa51eed8141a2fc0e0b4c5d7c1746180e2b072b2bea20ea

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8574167
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231700004c01428e5000000001
last-modified: Fri, 06 Nov 2020 19:44:30 GMT
server: cloudflare
etag: W/"5fa5a79e-2b47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ogRiDjkOtgouF42uceEEVME0ibuu0ztr6jZzKFE%2B86euzkBuXO64Rz%2B4mA8Mo%2F0VzSiez4PHhTTM54aGV8rhC9ZTzWc9lMJoOR0rMRjTGh8CCtBdFgN4"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe6e4c01-AMS
expires: Tue, 09 Nov 2021 06:11:38 GMT

GET
H2 200 frontend.min.css
mysteriousuniverse.org/wp-content/plugins/google-analytics-for-wordpress/assets/css/ 8 KB
1 KB 46ms
43ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3139868
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231700004c0198b86000000001
last-modified: Mon, 21 Dec 2020 13:36:37 GMT
server: cloudflare
etag: W/"5fe0a4e5-1e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=goy0tv17YqBoDcqNzDPHZ3K7RsWhQFtP5uhlzqlMhPJzvBIc6VBeLM5%2Bue%2FuIOViAsiFTof7n0hU16CHTWgLDJFDjKNd6iFjcKOjbEULCZqbihMatrpu"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe6f4c01-AMS
expires: Tue, 11 Jan 2022 03:43:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
728 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo%3A400%2C500italic%2C500%2C400italic%2C700italic%2C700%2C100italic%2C100%2C200italic%2C200%2C300italic%2C300

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dc85d603cf1d0a4ff07fffecf4a4e97939296787f04e34ff37e587ab6da6c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 11:54:25 GMT
server: ESF
date: Tue, 16 Feb 2021 11:54:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 11:54:25 GMT

GET
H2 200 style.css
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/ 495 KB
65 KB 52ms
50ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ebbb04c13eceaaee7d9cf0ab31016b1b782051809ebe094a74698d3d17379f

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3043597
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231800004c0177a17000000001
last-modified: Tue, 03 Dec 2019 16:50:30 GMT
server: cloudflare
etag: W/"5de69256-7bd22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jHfAZ1k4jCS6%2BgvbKdF1axpHooWdDNb4CPpF987po1m4jj%2FC4E1%2FvkFofOYakMs8AMokmnFXQJXrAqvzI6PMaF%2FA5V5mGRssT%2F3O5Wr2broE0U%2FdsGSa"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe724c01-AMS
expires: Wed, 12 Jan 2022 06:27:48 GMT

GET
H2 200 dropkick.css
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/ 2 KB
1 KB 42ms
40ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/dropkick.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a2c6cead9a9ddbfbb442e9085e5a53345737ded19554dff212202da4a779bc

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9102223
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231800004c01362c1000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-9b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OoGvfklLkpBsrhGfV7xpuLpS%2FDgIUP8Qx%2FkL8Dfuj3aMCifqbyVkS1J4LDJDuD0TFOzyMLbEyUTOziR90bB08RWK9ukRnWAc5VCh4IQkqyLnFEkFcGDU"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe754c01-AMS
expires: Wed, 03 Nov 2021 03:30:42 GMT

GET
H2 200 frontend.css
mysteriousuniverse.org/wp-content/plugins/wishlist-member/ui/css/ 919 B
730 B 50ms
47ms Stylesheet
text/css 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/wishlist-member/ui/css/frontend.css
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6edba6dbe39470dfd0d3c64089effe1b03d33ba7020a1478c5acdc2e18c3bf8b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9109140
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231800004c01408c9000000001
last-modified: Tue, 22 Sep 2020 18:42:05 GMT
server: cloudflare
etag: W/"5f6a457d-397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oap8P7tc%2BG6PqWbgpK3OSOTIPksLp0uVT62QRlR1fgoGP30qnCYuAHBU%2BJSRHqQ9p0fgh5bVbMdcDHxZWWWwNpOchEcYKEPdq4Z2hcsQnB%2FQ7gBHDYvm"}],"group":"cf-nel"}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 622712e4fe774c01-AMS
expires: Wed, 03 Nov 2021 01:35:25 GMT

GET
H2 200 frontend.min.js Show response
mysteriousuniverse.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 43ms
40ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9009973
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231800004c0198b87000000001
last-modified: Thu, 01 Oct 2020 08:02:33 GMT
server: cloudflare
etag: W/"5f758d19-2452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XrljOdley0rxfMHLt4RHEza5tFP0hbofs45lemYPu%2BUWS7cyH2PySRq7QdDtTdDNmZ3j3KIkJL6Z1bkSOJcwBEJD2TEdoRnQyZA41UUqkOUulxp84svf"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e4fe784c01-AMS
expires: Thu, 04 Nov 2021 05:08:12 GMT

GET
H2 200 jquery.min.js Show response
mysteriousuniverse.org/wp-includes/js/jquery/ 87 KB
30 KB 76ms
74ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-includes/js/jquery/jquery.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5855280
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a231d00004c013c072000000001
last-modified: Thu, 10 Dec 2020 17:14:49 GMT
server: cloudflare
etag: W/"5fd25789-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tmGB8jmQrAWFmyJMW18Mk%2FDVUPZVpTDHBgtl%2BY5b2W3kVfw6MVxvFWQ12ytWH2cjZX4vHMcyuFeEm1e8iYOO7V%2BxgeQwFppmIXQudtMgfV%2FbYXJ2gcKX"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e4fe7a4c01-AMS
expires: Fri, 10 Dec 2021 17:26:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
mysteriousuniverse.org/wp-includes/js/jquery/ 11 KB
4 KB 76ms
73ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5855280
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232500004c012f3e9000000001
last-modified: Thu, 10 Dec 2020 17:14:49 GMT
server: cloudflare
etag: W/"5fd25789-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FAojjFvHK73zy1WDJmCA9XrLooYmXSMXiy8c%2FU6%2FVrBDuIPl6dhfkRtmOV5Tp3OACmWBBRZIFdi7aZFFGsafODcCA1yF1u6DwjQQftCNV%2BBLyOSTgHNK"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ebd4c01-AMS
expires: Fri, 10 Dec 2021 17:26:25 GMT

GET
H2 200 modernizr.custom.min.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/libs/ 15 KB
6 KB 50ms
48ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/libs/modernizr.custom.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3042394
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232400004c0198b88000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-3b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wlHhT%2F3%2BuhsgPUgMNwrkxv2%2FqHt1bchVyuK%2Blplo1TzNkvuM86p3N%2BoSkiBWmqt1bSrgm3Qz%2BeRNJQ1QBzT21PW62IKo6cZMw1kDoBkQTJzsapgyQaP9"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ec14c01-AMS
expires: Wed, 12 Jan 2022 06:47:51 GMT

GET
H2 200 jquery.flexslider-min.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/ 16 KB
5 KB 72ms
70ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/jquery.flexslider-min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae30a1e7df2c30a6e2d3b10e031c543e3d96f9089949f25c76ca11bae1f0b15

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3136993
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232500004c01a2090000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-3ffa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BHnO1jlGRt6aYw1lNIYtIQmlCgscceiguQdmEZhd20dxscsiidTbFr6hCCqHE89ITzhMHziXFqCDmndqRtiFUI2%2Bv%2BBsTl9b%2Ft4i5bBZU5Ad8jtL%2Bda1"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ec24c01-AMS
expires: Tue, 11 Jan 2022 04:31:12 GMT

GET
H2 200 clipboard.min.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/ 10 KB
3 KB 72ms
70ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/clipboard.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74511bfa45ec3a55c3154e1af7e1307c713ccf58542611064d46f7ce48726d83

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3136993
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232700004c012b95a000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-2953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G6cv7MPike94EBxvXJLdXihYg6K8nHSA%2BCMK2SMv6uSzkHy27B7KzeR75w0%2Fg7TsCOzI%2FtT8y14ch1%2FupZdquLhmyXki3LGr2mCwNllDunjSCqEqtde4"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ec54c01-AMS
expires: Tue, 11 Jan 2022 04:31:11 GMT

GET
H2 200 zxcvbn.js Show response
cdnjs.cloudflare.com/ajax/libs/zxcvbn/4.2.0/ 802 KB
350 KB 15ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/zxcvbn/4.2.0/zxcvbn.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc69d847ee74a61c7c63d946991ce7024a6016f6e21e84011f114a961c3cea09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2296535
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 357976
cf-request-id: 084c4a230f000097366daee000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:18:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04045-c884a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jVAzJd3X4FXwLx9XbEzkcj4oHuCaNmW%2BvoEmtDkePhv%2Bm87tzrhl4JSm6wC4DPj1Zj1flvcWwLVNa8k0g24at%2F2O94OByiR6%2BvTP8KXPjo7oC37DlDJsMQulkwDNmWK0QQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622712e4eefd9736-FRA
expires: Sun, 06 Feb 2022 11:54:25 GMT

GET
H2 200 jquery.fitvids.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/libs/ 3 KB
2 KB 72ms
71ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/libs/jquery.fitvids.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9105425
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232700004c015d2c7000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-d16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ydrsVEJMJ2RpUuMvrsFjrN%2BC8nAL6fAv4PcmW7UsTfqK792KSGhUn5N19pqdzohiBe8T55iQunFUZFyV5IGpYZX%2FUcq%2Fj3Y3rJsjh5oFQxicZ6okM0K"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ed34c01-AMS
expires: Wed, 03 Nov 2021 02:37:20 GMT

GET
H2 200 materialize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/materialize/0.98.0/js/ 143 KB
39 KB 28ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/0.98.0/js/materialize.min.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69bb8ac766d32a4a6779baff31e961623bfab4066f7c143654ac698b6c89e7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13479
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39476
cf-request-id: 084c4a230f0000973683a45000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03efe-23a07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hTAxvd5csl1aU%2Bq3bujz6XgVcASxDVt4Q%2BrYv%2BITNCkSwUbHDH0lIBRB89FBMhl0GwHTRFuy9yBDavZgScgiRCDLYNrhbMB4XC%2FPjaGrjEGTk2kCxIEtLEbrrzs3bWVttg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 622712e4eefe9736-FRA
expires: Sun, 06 Feb 2022 11:54:25 GMT

GET
H2 200 dropkick.2.1.9.min.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/ 17 KB
6 KB 72ms
71ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/dropkick.2.1.9.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b817e06a793c479743836d6df14c3779d83b6d47bf5e9bda17fabe40d34c3e29

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9008629
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a232800004c0174122000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: W/"596f382c-433b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FOn7o%2FISgb7dUyJ3kJpvWlFrmiAaKp6pWzVssS3jOL8P8U3VX5cspbTLhuh%2B4K1jocqNCd5CeeiwRvhe7yLhKMsTB9GmrVfHGzRywyJz7J4lsAd0gyE5"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e50ed44c01-AMS
expires: Thu, 04 Nov 2021 05:30:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 59ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f43420ec7e4d0e64ace4a827d328e0f0f8daba0cdb7c55c6bad56bdb88b93f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48458
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Feb 2021 11:54:25 GMT

GET
H2 200 adn.mu.js Show response
adncdnend.azureedge.net/adn-hb/ 248 KB
77 KB 28ms
7ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC9) /
Resource Hash: 1e53e354dde97dced03c426eb61c98cfa592df46bb8e49d092345df733597f11

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: gzip
content-md5: C3ckVLv1Ex4O9XQ5nSg2oQ==
age: 688
x-cache: HIT
content-length: 78769
x-ms-lease-status: unlocked
last-modified: Tue, 09 Feb 2021 09:27:32 GMT
server: ECAcc (frc/8FC9)
etag: 0x8D8CCDCED82A58D
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 610efb7d-a01e-002a-7958-04d74d000000
cache-control: max-age=86400
x-ms-version: 2009-09-19
expires: Wed, 17 Feb 2021 11:54:25 GMT

GET
H2 200 @2x-mu-logo.png
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/ 13 KB
14 KB 268ms
267ms Image
image/png 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/@2x-mu-logo.png
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5a67b878f0093b91a0ed985ecd85ceeefb3e7d09795e2ee25a3779753c951e

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8582212
cf-polished: origSize=25990
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 13544
cf-request-id: 084c4a23f300004c019b198000000001
last-modified: Wed, 19 Jul 2017 10:46:00 GMT
server: cloudflare
etag: "596f3868-6586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yojfakHeyRBs72YR2jEfoWm%2FHm8R%2BrStASnNF8MmGyS4YSr9VEsqsQThj8%2B70tqAesYmcHJaKq7OK87cqkwjTcXE8p3U1dRxBNAKl1dbSbGLpR99J58X"}],"group":"cf-nel"}
content-type: image/png
expires: Tue, 09 Nov 2021 03:57:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e64a374c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4029
date: Tue, 16 Feb 2021 10:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 16 Feb 2021 12:47:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mysteriousuniverse.org/wp-includes/js/ 14 KB
5 KB 59ms
58ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8925639
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a23f300004c012c91f000000001
last-modified: Sat, 05 Sep 2020 13:11:14 GMT
server: cloudflare
etag: W/"5f538e72-37a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=McOsstkKFQEhC%2FxYJgW3f7PBrNEFxodpZn0dkM1080gZRLo8Pbt5escHza1QGNEAEVzoFhJJBTa0ItEt9acDGP%2FbG02xnYzdug4qjFT6Wc%2BxWQbd1D7y"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e64a384c01-AMS
expires: Fri, 05 Nov 2021 04:33:46 GMT

GET
H2 200 frontend.js Show response
mysteriousuniverse.org/wp-content/plugins/wishlist-member/ui/js/ 633 B
648 B 43ms
43ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/wishlist-member/ui/js/frontend.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dfae45d8e143eea0230d9887bbfd39651aaa2d68e6c532ddb796d06df60ca

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7598148
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a237900004c015834e000000001
last-modified: Fri, 06 Nov 2020 19:44:54 GMT
server: cloudflare
etag: W/"5fa5a7b6-279"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QZb%2BBYQUSvaOpFJrU1JVvBjlSOUv8ColyzW0h%2FWOlyiCSZ89ZTWcGpqfOkPIDpbCaN5dbzXEI%2FBJieNIpbLaKnifh79mnY3r2fUgx%2B51ZdJGYlKXTEC5"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e588234c01-AMS
expires: Sat, 20 Nov 2021 13:18:37 GMT

GET
H2 200 mpp-frontend.js Show response
mysteriousuniverse.org/wp-content/plugins/metronet-profile-picture/js/ 331 B
628 B 51ms
51ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8853804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a237800004c01503c7000000001
last-modified: Wed, 04 Mar 2020 17:45:48 GMT
server: cloudflare
etag: W/"5e5fe94c-14b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ux9kR6nrwKnr4P8KA6vXvMlCMObSgU%2F8n4l0fFfZqDb16XqFfpiv5gP8F0XY71dSfsxvpxzYlopW2z4GpJpLOTWa2xPN3q%2BHRwvboJ4zcyVM13pU%2F3Si"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e588294c01-AMS
expires: Sat, 06 Nov 2021 00:31:01 GMT

GET
H2 200 comment_count.js Show response
mysteriousuniverse.org/wp-content/plugins/disqus-comment-system/public/js/ 889 B
781 B 38ms
36ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/plugins/disqus-comment-system/public/js/comment_count.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8671375
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a23f200004c013e808000000001
last-modified: Tue, 19 Mar 2019 15:22:13 GMT
server: cloudflare
etag: W/"5c910925-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fcew%2BislJPC%2BQg8gEXLqqttDxaH5THOdePbZ8who91PtBl54qQOvUGh7egTVQ3%2Be%2BR2Q5T2UWGT2C2A61xE7%2F4ll8U8Uss4xSJGjnKufOUrt5YsAUfeV"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e64a324c01-AMS
expires: Mon, 08 Nov 2021 03:11:30 GMT

GET
H2 200 scripts.js Show response
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/ 23 KB
6 KB 154ms
153ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/js/scripts.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a30cb9b1e1d66b68891c103caa338bf4ba6b08fbda0e69d59d2c27c932462cda

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3042394
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a23f300004c018caf0000000001
last-modified: Wed, 07 Mar 2018 21:40:48 GMT
server: cloudflare
etag: W/"5aa05c60-5dcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MOGV4MCpjwV7Gnn2OTHBKn5my8NUxv%2FZPfAmw2E1S7lC4odg8xt3H3%2FQUV%2BRKQmp%2BFsITFg7jIub5JjRG8V%2FaNgrOPMRx0737EvsOErlJaIhBmgfQvYs"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e64a344c01-AMS
expires: Wed, 12 Jan 2022 06:47:51 GMT

GET
H2 200 wp-embed.min.js Show response
mysteriousuniverse.org/wp-includes/js/ 1 KB
1013 B 48ms
47ms Script
application/javascript 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-includes/js/wp-embed.min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3042394
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 084c4a23f300004c0155370000000001
last-modified: Wed, 24 Jun 2020 15:54:34 GMT
server: cloudflare
etag: W/"5ef3773a-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pI6xnMVgaYDysm9XVFPtCmfzFd14Z1dYxctQa25ABbSfBMlwoKzuORthB8m%2F%2BS6eJ5U7EdiHnXCQ7PQSsAIwtbM70oBDxPZGtJym8gxYNOJSiHIeG8QB"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 622712e64a364c01-AMS
expires: Wed, 12 Jan 2022 06:47:51 GMT

GET
H2 200 ProximaNova-Regular.woff2
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ 26 KB
26 KB 387ms
387ms Font
font/woff2 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ProximaNova-Regular.woff2
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f2a4b21255f7d3b1a5515279df2068b92831bada623f9111e967981dd3639cf

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5207710
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26672
cf-request-id: 084c4a238e00004c012f3f5000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: "596f382c-6830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hP%2Bos%2FueKJXVT%2F%2FrrBVZ8oP9yuzctu2tMmLBK1W%2F4y7%2FJYPGUC04Qt4T5WlMTXUZDZc1k11SLxILiID7Sbr2Jkt%2BnmrsuvVgJRaVhXarUno2ITYBQT6v"}],"group":"cf-nel"}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e5a8994c01-AMS
expires: Sat, 18 Dec 2021 05:19:14 GMT

GET
H2 200 min.js Show response
revboostprocdnadsprod.azureedge.net/scripts/latest/ 46 KB
14 KB 118ms
25ms Script
application/x-javascript 152.195.132.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://revboostprocdnadsprod.azureedge.net/scripts/latest/min.js
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F18) /
Resource Hash: 58f31ad080600e68857b0431046f837430204cb1451e461b76bf45b7248b6a44

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: gzip
content-md5: H79uTyoNbMRqmOWgwbhcfw==
age: 16
x-cache: HIT
content-length: 13855
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Sun, 24 Jan 2021 12:18:09 GMT
server: ECAcc (frc/8F18)
etag: "0x8D8C0621CD77C2C+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 75d128d5-101e-000a-695a-04b5af000000
access-control-expose-headers: content-length
cache-control: public, max-age=30
x-ms-version: 2014-02-14

GET
H2 200 bokeh-1983176_1920-e1613402880937-643x440.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 24 KB
25 KB 173ms
172ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/bokeh-1983176_1920-e1613402880937-643x440.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511a59af9a1cd5346f2d505dbf8fabeace9caa041562a0a27900b7f5597c58c1

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9345
cf-polished: origSize=26207
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 24611
cf-request-id: 084c4a23f400004c017f8c3000000001
last-modified: Mon, 15 Feb 2021 15:28:01 GMT
server: cloudflare
etag: "602a9301-665f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D5Jstu6FGco7CTVOZedo2D5n8oFQGzR9fqxcTe8xzQtlOTxz6kCN7S2nZS3D6D5%2F5GhbRsjyJP3EkOSK3vSoNL3QNJpViMYX19RF1gM4iofHuFVetDPb"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:18:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a3b4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 bigfoot-eyes-e1585904683513-643x440.jpeg
mysteriousuniverse.org/wp-content/uploads/2020/04/ 27 KB
28 KB 86ms
86ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2020/04/bigfoot-eyes-e1585904683513-643x440.jpeg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47db3e0940f7ee5114dffd2aec22039e4ed24a73469ef09ae682367f17b57797

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9661
cf-polished: origSize=30430
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 28119
cf-request-id: 084c4a23f400004c0162276000000001
last-modified: Fri, 03 Apr 2020 09:04:43 GMT
server: cloudflare
etag: "5e86fc2b-76de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wicR71g04lKhhGvymCwDTLic3%2BxblDik72VB9KHAcQLbKc0YIk0nm5r0DW3168D9Bj57rS%2BSaPGdt1XbFe1vIL5rODkQQJk7UMt6vmS9QCG1RZVcqIAE"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:13:24 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a3d4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 Castle-643x440.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 38 KB
39 KB 52ms
51ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/Castle-643x440.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d57e43b085aa6b7b8d7cf1b30544f5b829d1645bf60282bb0c36c09b5ada9f7

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9982
cf-polished: origSize=41403
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 39342
cf-request-id: 084c4a23f400004c0181935000000001
last-modified: Mon, 15 Feb 2021 16:29:31 GMT
server: cloudflare
etag: "602aa16b-a1bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aiSKc8gUz4NYLPQqWGx4I2lVY2MYciY9t50CLlDjJ4Uu%2Fsqaft355LvBvKgLS5NugNfHf9X7cBkk5wcT8zUa8k4bhocIFqbx0HhqimB9bP8%2BquRHsjV%2F"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:08:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a3e4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 crater-643x440.jpg
mysteriousuniverse.org/wp-content/uploads/2017/07/ 86 KB
86 KB 66ms
66ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2017/07/crater-643x440.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a3dd68b6a752ff63b7d58f73f970b8c8f2f3e27243e41901d2cf8c7f144bcc

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 70532
cf-polished: origSize=95177
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 87818
cf-request-id: 084c4a23f800004c016f379000000001
last-modified: Wed, 05 Jul 2017 01:55:00 GMT
server: cloudflare
etag: "595c46f4-173c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vcdi4Rs4N12qxk7myeV4yWnWoShAQS2zPSVn29zVGNLdna7ju19U6obsGZLbJZug82ClP1K%2F8pFTcsxanLBZ7uPyWi5rJETP6OVQheD3xOXw2LLiu60S"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 16:18:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a3f4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 ProximaNova-Light.woff2
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ 26 KB
27 KB 57ms
56ms Font
font/woff2 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ProximaNova-Light.woff2
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e2d3c3ee07a6289cc9dd56f1fb6b98194b2d23bfb7b79b7eccd49bf2201745

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3132271
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26744
cf-request-id: 084c4a23f900004c0198ba0000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: "596f382c-6878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=63tLDdN7vzHVuMLGwaWSgBuKczKqc4QcDqhHY4FA0PsRAKf4OD1uZ%2FcEVkg5uISJZB1%2F9Zgtg81P2PR9CqKL7r2r5x%2F3NcGWX5PY0GJtQktGHVFGLMB%2F"}],"group":"cf-nel"}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a524c01-AMS
expires: Tue, 11 Jan 2022 05:49:54 GMT

GET
H2 200 icomoon.ttf
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ 13 KB
13 KB 173ms
172ms Font
application/octet-stream 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/icomoon.ttf?dxmv7v
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa42775805f242195339c169a464aeaa26dadf5e6bb21a61ccaffb0ac744062

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9105424
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 13060
cf-request-id: 084c4a23f900004c019c947000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: "596f382c-3304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGOeEGmTVSF4dgxQTXfdLrmeIm2pL0ScowQFGMUStL0w917gVZgwHaVSo6cRMlFrIg2APhMTewMeHFHqYFZs7hj9Kcuznn0mSmEM5%2B0VBrhXT6Dwm%2Bpa"}],"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 622712e65a564c01-AMS
expires: Sun, 02 May 2021 02:37:21 GMT

GET
H2 200 ProximaNova-Semibold.woff2
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ 26 KB
26 KB 75ms
75ms Font
font/woff2 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ProximaNova-Semibold.woff2
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62266c84ab962ac752a1741e4906605d4ce39f13fc400ea24d4f6bff584df0e3

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9098538
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26428
cf-request-id: 084c4a23f900004c01872bd000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: "596f382c-673c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SDQkLOfuYc8842fipQwmTWFaqa%2FuhBcstjBspViBXU7AOUSoNfJPk9ejhd%2FqIUshi26GUV2AQfxqAxRuH1OmP0H6CC0tA3VWIbFqROhFJ6xAlGl3vwgL"}],"group":"cf-nel"}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e65a5a4c01-AMS
expires: Wed, 03 Nov 2021 04:32:07 GMT

GET
H2 200 plus-label.png
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/ 481 B
977 B 46ms
44ms Image
image/png 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/plus-label.png
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6bda1da8ba39ccabff5418970af5d7427b7caade0c408b7d8652ffe502d1244

Request headers

Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6108585
cf-polished: origSize=980
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 481
cf-request-id: 084c4a243b00004c019c367000000001
last-modified: Wed, 19 Jul 2017 10:46:00 GMT
server: cloudflare
etag: "596f3868-3d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D83QgqidYZsEFDwjmYXzgHPzl15vT1iaNzgLPiCXEzuMV5sSwq3p%2BlS4%2BnVRR8KHSr%2FokCmoQVP0m%2B33lg%2Bm%2BHSd6PVXXNdDVzg4kIkFMX8Bd7VRJ2i%2F"}],"group":"cf-nel"}
content-type: image/png
expires: Tue, 07 Dec 2021 19:04:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb954c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 23..06_banner-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 72 KB
72 KB 185ms
184ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/23..06_banner-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a588d6eb976b66028a3c0cfb319ee5fa957a7d113164817dd1d568b11b195002

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 627
cf-polished: origSize=76668
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 73245
cf-request-id: 084c4a243b00004c01362e9000000001
last-modified: Tue, 16 Feb 2021 11:43:01 GMT
server: cloudflare
etag: "602bafc5-12b7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8sUnza12MeMk8YQh1l7H4BmOs734yJH%2FDN8OvBY4Wlq7fG58BpEkt%2BDggetWsE34M28AGGzZLlKadvRFby6tOxJSWK2AW%2B2vm5hwEjTSwGOUNyfLNEJT"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 11:43:58 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb974c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 bokeh-1983176_1920-e1613402880937-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 41 KB
41 KB 187ms
186ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/bokeh-1983176_1920-e1613402880937-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c29957d15c87c5b16e7dc1eb8f44cbd088f05a93dc43388cf2e51e048c5961

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9345
cf-polished: origSize=44644
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 41783
cf-request-id: 084c4a243c00004c013e813000000001
last-modified: Mon, 15 Feb 2021 15:28:01 GMT
server: cloudflare
etag: "602a9301-ae64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oLV0%2BVZmf5b8LxKaQfNEgqABTWDzWzW46F0YI4%2B2G8OAZViC7yNtL18gqpSnaNUi1sac0WkysLyHZ2XI8GSE%2BxJ5mZkMCzifWRcvv2a4iz1ZUNZs%2BSb3"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:18:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb994c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 bigfoot-eyes-e1585904683513-999x540.jpeg
mysteriousuniverse.org/wp-content/uploads/2020/04/ 48 KB
48 KB 154ms
152ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2020/04/bigfoot-eyes-e1585904683513-999x540.jpeg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b4db5e8a7481014ce06d277fdc6e8f2f44c17f762fcec93569be3404bee11a

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9623
cf-polished: origSize=52252
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 48702
cf-request-id: 084c4a243c00004c019c94e000000001
last-modified: Fri, 03 Apr 2020 09:04:43 GMT
server: cloudflare
etag: "5e86fc2b-cc1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xCa3EIXlYv6FzwM%2BuK557wZe7UWaLpTuvH0SpvUTah30RN8Wh5PNcnJsE%2FUc0bWpM6u5im5TrY7gRLsirY54ytPBoBxZBtAr5NTkQS6EGxax68Ux4bZL"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:14:02 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb9b4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 Castle-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 76 KB
76 KB 38ms
37ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/Castle-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ca9f592c57d5de6e3d2edeb8b8447bf14331c3fdb6fb869fed503ca4bebac6

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9877
cf-polished: origSize=81626
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 77818
cf-request-id: 084c4a243c00004c013bbcd000000001
last-modified: Mon, 15 Feb 2021 16:29:31 GMT
server: cloudflare
etag: "602aa16b-13eda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B0%2FmUlectnstpghZ3G0sjT08oCclZNCuoS5lp1XLLmcAujb17%2FHf7LlMAE%2Bm0qOhlTwHv7KV2GTsryDsmib1ntSt2rZk6c9VZ0l22TtW51ZYiSgn0Uwi"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 16 Feb 2022 09:09:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb9c4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 crater-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2017/07/ 148 KB
149 KB 75ms
73ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2017/07/crater-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec03b27bc73e0acc94040f78bb0c45f2c2b2e62e3484314d82453619a7e9207

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 70531
cf-polished: origSize=165010
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 151843
cf-request-id: 084c4a243d00004c01a5950000000001
last-modified: Wed, 05 Jul 2017 01:55:00 GMT
server: cloudflare
etag: "595c46f4-28492"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hSbkDXIHLcCm9kLbtXAGdOYjrfcBd6m14ST9NRpsF%2FGrJpGB53RajoZ8YFtDHiWkOWQdYCtWSHRAUITwJ1PYJj3UJp5tzFQxIXp48ugDp4P1%2FlORw7oo"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 16:18:54 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb9d4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 1074287049_0_21_1000_562_1000x541_80_0_0_c5da0aa4380d7624199d112dc00e53e6-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 44 KB
44 KB 126ms
125ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/1074287049_0_21_1000_562_1000x541_80_0_0_c5da0aa4380d7624199d112dc00e53e6-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fad181a670fe03dadf24466ed738a3b02e759117f532d7686c74b5a1edaae50

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 70878
cf-polished: origSize=45532
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 44576
cf-request-id: 084c4a243d00004c0139a59000000001
last-modified: Mon, 15 Feb 2021 09:45:13 GMT
server: cloudflare
etag: "602a42a9-b1dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=otpIIhMf2oj%2FNsg2vKEJvUX3Ok1h5MjApoHmOqwkV94mY1cEkFkkzsSiod8CZ037RlftMSV0Qot%2BfpZyXfpv4jJLnSiZ42kMpoxRoty7lmTPfiWXor5L"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 16:13:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cb9f4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 breaking-2-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2020/08/ 53 KB
53 KB 105ms
103ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2020/08/breaking-2-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd204e9fbf2347f706cd6a1b89984fe9869e4d161716867066299c656ddf6f68

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3037938
cf-polished: origSize=56803
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 53999
cf-request-id: 084c4a243d00004c012c92b000000001
last-modified: Fri, 07 Aug 2020 10:18:12 GMT
server: cloudflare
etag: "5f2d2a64-dde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iMRNgzWQsBaxtLM8oyA0Nir%2B3r%2BAz08Adfmza1LnRReWL3t9fWRxaGyJAxRxZOIOPLbQbqApnUeEl1M%2BWwVehw96y6VqsRRvrweKFJ4UexYsWkiBASWx"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Wed, 12 Jan 2022 08:02:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cba24c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 pewter-goblet-4124903_1920-e1613321845675-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 101 KB
101 KB 59ms
58ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/pewter-goblet-4124903_1920-e1613321845675-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e2066263c18d15d009539979a186a90bddafd2c828df2d1050f0e1dc63d713

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95700
cf-polished: origSize=108238
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 102935
cf-request-id: 084c4a243e00004c017e04b000000001
last-modified: Sun, 14 Feb 2021 16:57:25 GMT
server: cloudflare
etag: "60295675-1a6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuiCoXcGh7DPlCJpMO5MA2R8VFCQhc0v3DCyCI%2B6F17SnZ3sQsxG656pUzU%2FdYALQknBIcMifgJ3%2BkXWPsayYcz70fXdHdYWhCj2HxHUZHJ5e0hvfLaA"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 09:19:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cba44c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v12/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v12/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo%3A400%2C500italic%2C500%2C400italic%2C700italic%2C700%2C100italic%2C100%2C200italic%2C200%2C300italic%2C300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a418f7ec3567130ba266bedd69716a557c2700073c6bd7eb38763f320218ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://fonts.googleapis.com/css?family=Exo%3A400%2C500italic%2C500%2C400italic%2C700italic%2C700%2C100italic%2C100%2C200italic%2C200%2C300italic%2C300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:35:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:09:44 GMT
server: sffe
age: 296315
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20220
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:35:50 GMT

GET
H2 200 ProximaNova-Bold.woff2
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ 26 KB
26 KB 94ms
94ms Font
font/woff2 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/fonts/ProximaNova-Bold.woff2
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c14bc9d947ca49cc1afedb7f5acd6e097fd0694bc41b981d071996e6725c9d

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3132271
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26436
cf-request-id: 084c4a243e00004c014290c000000001
last-modified: Wed, 19 Jul 2017 10:45:00 GMT
server: cloudflare
etag: "596f382c-6744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Odcltsm8E0%2F8qFkClJGgorWZ8xwyGVPNmb9MCBGlAy9FOyaJ3QbdvS4Ux42kBAmQ9HP%2BskKDpnQr17fyvO57Jj6r73RUAskZ5EKW30EsUUtdNSX1mTFy"}],"group":"cf-nel"}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e6cba54c01-AMS
expires: Tue, 11 Jan 2022 05:49:54 GMT

GET
H2 200 hiroshi-ishiguro-robot-cyborg-creator-19tdigbpace105.jpg.ximg_.l_8_m.smart_-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 51 KB
52 KB 49ms
49ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/hiroshi-ishiguro-robot-cyborg-creator-19tdigbpace105.jpg.ximg_.l_8_m.smart_-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131487cc539c82755975796d981e0ceda3781d0c24f7602285eb1d88a25dd18a

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 96110
cf-polished: origSize=53860
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 52507
cf-request-id: 084c4a24ad00004c0156aa4000000001
last-modified: Sun, 14 Feb 2021 09:59:11 GMT
server: cloudflare
etag: "6028f46f-d264"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZLwxsa7U%2BOJZ1FeVkGCoTOJGOZ0LWYsQo8c5FlznrYulBWNr5AEbrs3rj3BCteSjC3vzCCRa%2FV4N64Sb8xGEvn9YpFBc9M1HLHuZOY66ncj2izCoyw8A"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 09:12:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77dd64c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 Mask-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 72 KB
72 KB 67ms
67ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/Mask-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fee70ca8b935418d1c16c1b38426d21da84eb9ace24dfc85fc1924d00c4edbe

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 96293
cf-polished: origSize=75835
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 73652
cf-request-id: 084c4a24b900004c012c157000000001
last-modified: Sun, 14 Feb 2021 04:35:32 GMT
server: cloudflare
etag: "6028a894-1283b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OCvBRfd0%2FgKLcXHUhteOlRAkMEHgHTkZea8E%2FERwL89RtW6k4tiWxEheX%2BK3UfIVT7RtGHQvxm9ZfnHtMQny0dSugu%2Fwynsj29RrcL4Vp8M9Bd%2BSB2Gq"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Tue, 15 Feb 2022 09:09:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77dd74c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen-Shot-2019-08-19-at-5.07.39-PM-999x540.png
mysteriousuniverse.org/wp-content/uploads/2021/02/ 694 KB
695 KB 38ms
38ms Image
image/png 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/Screen-Shot-2019-08-19-at-5.07.39-PM-999x540.png
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2ee67641d5211a85e62f42f79b0d1bd55fb3144dc602072ff6a44b6f1f02a8

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 153691
cf-polished: origSize=811420
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 710766
cf-request-id: 084c4a24ad00004c015538b000000001
last-modified: Sun, 14 Feb 2021 10:49:53 GMT
server: cloudflare
etag: "60290051-c619c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WkWaIMuXr2Gh96nTiY48GMVrl7IicSMBbJdZTYX90nROND6vdh971TgJnxTEqN1z%2BEYJk%2FuJ6%2F9Ecp%2FM%2BUEWAY63oIVS4CGWRihH2Jxu8u9cMsbA1HCc"}],"group":"cf-nel"}
content-type: image/png
expires: Mon, 14 Feb 2022 17:12:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77dd84c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 Ghost-1-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 74 KB
74 KB 109ms
109ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/Ghost-1-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c250aef157e0599cc2aabfe98bc4859f1128c1960500b77974d212fc70a9514

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154011
cf-polished: origSize=77625
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 75370
cf-request-id: 084c4a24ae00004c019c379000000001
last-modified: Sun, 14 Feb 2021 02:54:23 GMT
server: cloudflare
etag: "602890df-12f39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1hKI8VGyRppgYvr0GNHBRDpkij1iXk7Z1ycpwsoDTmce4TeXcGfGEDTO8BJG%2B6q%2FI3I95E7uvfQ1DW41HzoXTe45cNwjWoTNMEWblgAp7IEQlWNrmF2Q"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Mon, 14 Feb 2022 17:07:34 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77ddb4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 science-fiction-4255632_1920-e1613222853238-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 45 KB
46 KB 43ms
43ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/science-fiction-4255632_1920-e1613222853238-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8568c9c938f0e8d92403150ba7ecab4a5b607b308a9d81cc349e28f59578c8da

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 182106
cf-polished: origSize=49951
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 46356
cf-request-id: 084c4a24ae00004c0139a6f000000001
last-modified: Sat, 13 Feb 2021 13:27:34 GMT
server: cloudflare
etag: "6027d3c6-c31f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=temchlD9SOS4Js8699bSCWZk4gQg8SlreNFq%2BZlK1Fa7nUsiChGjSefIb2L1a287kQjdlVQx4h2rseR5d7%2BO1zDZkRRO1OyFNL7BQRzBLhCc%2Bjsq2%2B%2FV"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Mon, 14 Feb 2022 09:19:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77ddc4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 ewscripps.brightspotcdn-999x540.jpg
mysteriousuniverse.org/wp-content/uploads/2021/02/ 32 KB
33 KB 66ms
66ms Image
image/jpeg 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/uploads/2021/02/ewscripps.brightspotcdn-999x540.jpg
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8171586206e3897704baf9ec73c0bebdf3410b5fddc9407fa62561163d92655b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 182192
cf-polished: origSize=34410
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 33041
cf-request-id: 084c4a24b000004c015538c000000001
last-modified: Sat, 13 Feb 2021 10:21:38 GMT
server: cloudflare
etag: "6027a832-866a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MAk6DwE2D1Sy8XUUqndAalUuMxOTyZkCOhFo%2FQcB2mWvNKATBnSFtt2lgdLwjVCYrUMNmIgvR%2BEUHl6hj7HNeIPaO1GM%2FUpJLhzCjycL64aqK0u83iao"}],"group":"cf-nel"}
content-type: image/jpeg
expires: Mon, 14 Feb 2022 09:17:53 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77dde4c01-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 sidebar-plus-ad-graphic.png
mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/content/ 9 KB
10 KB 67ms
67ms Image
image/png 172.67.67.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/images/content/sidebar-plus-ad-graphic.png
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.67.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5054ac7eb27432e1bfc75abc76eec2e2fae00c034e421784105fcc2a836d2807

Request headers

Referer: https://mysteriousuniverse.org/wp-content/themes/mysterious-universe-2/library/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8577099
cf-polished: origSize=11087
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 9656
cf-request-id: 084c4a24ae00004c013c099000000001
last-modified: Wed, 19 Jul 2017 10:46:00 GMT
server: cloudflare
etag: "596f3868-2b4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zYJkmR%2Fa5WvnuNyQAWjNaOoOT9ig99BTTGRwk%2Bh3COZt72JjtxrsQWVXzBOIf1joOYHE%2FDzEYyDkq%2F6nkRBsk8UH3K%2FloBBjf0HdbmPKQq6kAT8CW2Tp"}],"group":"cf-nel"}
content-type: image/png
expires: Tue, 09 Nov 2021 05:22:46 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 622712e77de04c01-AMS
cf-bgj: imgq:100,h2pri

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
395 B 46ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=790411376&t=pageview&_s=1&dl=https%3A%2F%2Fmysteriousuniverse.org%2F&ul=en-us&de=UTF-8&dt=Mysterious%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=546358427&gjid=1731851473&cid=1528077849.1613476466&tid=UA-10374297-1&_gid=1275760365.1613476466&_r=1&_slc=1&did=dZGIzZG&z=1966025116

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mysteriousuniverse.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 67ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmysteriousuniverse.org%2F&domain=mysteriousuniverse.org&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://mysteriousuniverse.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1984
date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 115 KB
30 KB 171ms
75ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:50:09 GMT
content-encoding: gzip
server: Server
age: 256
etag: d7c8ebbead57940cf77ae4183f7ff01a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: pkiOsnrw5ub40d2SPOSAjPBBoA7O4uIM
x-amz-cf-id: 4OtztBaKpQ6-AfH9Ag6PPCMyOoW4znUT5J-8d_Sj8yrkSCNlJNQglA==

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmysteriousuniverse.org%2F&domain=mysteriousuniverse.org&cw=1
https://mug.criteo.com/sid?cpp=rmqvVHx6MFExM1pzKzVKek1IMllpWlZQTWFGeWNWOUlDcExFTS9GSGZPeTBVUlhEMCtiVmZBSUI1Y1VhOGprM1hGdzFNTEdVWkt0SjUyNmtzSExvZ3d2dzZxMk5aMVI0bExaeHRXVUhJRXI1UjdZZmZZK01UU3NZRkRkbk...

369 B
645 B

65ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rmqvVHx6MFExM1pzKzVKek1IMllpWlZQTWFGeWNWOUlDcExFTS9GSGZPeTBVUlhEMCtiVmZBSUI1Y1VhOGprM1hGdzFNTEdVWkt0SjUyNmtzSExvZ3d2dzZxMk5aMVI0bExaeHRXVUhJRXI1UjdZZmZZK01UU3NZRkRkbkZWSytmZFNVMjY2Tmtzd2xtN0xMRUJQZkNCRUtCRlZHSU83RDVmUVl0L0Q3UzZUZDExOVlhT21TbFZYVVZEWDFDa25wcUJTSERQTTNvZFJHanFFMENFWkFMcjJXYWhwUHBXZjZlR0ZSOTBZanNEL2JIekRjPXw&cppv=2

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f8d232e8911fed1c01cb9483f0604caac23576096d3f5561fa5e015defee434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 16 Feb 2021 11:54:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2254
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 16 Feb 2021 11:54:25 GMT
location: https://mug.criteo.com/sid?cpp=rmqvVHx6MFExM1pzKzVKek1IMllpWlZQTWFGeWNWOUlDcExFTS9GSGZPeTBVUlhEMCtiVmZBSUI1Y1VhOGprM1hGdzFNTEdVWkt0SjUyNmtzSExvZ3d2dzZxMk5aMVI0bExaeHRXVUhJRXI1UjdZZmZZK01UU3NZRkRkbkZWSytmZFNVMjY2Tmtzd2xtN0xMRUJQZkNCRUtCRlZHSU83RDVmUVl0L0Q3UzZUZDExOVlhT21TbFZYVVZEWDFDa25wcUJTSERQTTNvZFJHanFFMENFWkFMcjJXYWhwUHBXZjZlR0ZSOTBZanNEL2JIekRjPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2185
content-length: 482
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
718 B 80ms
27ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:25 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid: f58855e4-b065-425e-9c10-4fb8db4b5789
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mysteriousuniverse.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 10 KB
2 KB 658ms
174ms XHR
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=14920&sizes=300x600%2C300x250%2C300x250%2C336x280%2C300x250%2C336x280%2C300x250%2C336x280%2C300x250%2C728x90%2C468x60&version=3.5V
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: dec14ea70c877a7cad300aeb183e1585ec95bea1ab67d73f56be8c3cf226219d

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:26 GMT
Content-Encoding: gzip
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Access-Control-Allow-Origin: https://mysteriousuniverse.org
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 1728
Expires: 0

GET
H2 200 arj Show response
adnimation-d.openx.net/w/1.0/ 174 B
564 B 740ms
685ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adnimation-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmysteriousuniverse.org%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b3c61863-0ac8-479e-80cb-461f1f9bfe7f%2C6d14ecf0-930c-4dbe-8fb6-b04bfa692ca1%2C6bc4d683-920a-493c-abad-d61a9ca18f35%2C751ce022-2a7a-46d0-8284-ba47a8e7ea3b%2C19302eac-9520-4230-ac9f-04afff5f595f%2C6e1645e3-e469-4f66-8e97-655e98df4781%2Cf9a934df-31d4-44cd-a8d8-688d5bf13548&nocache=1613476465918&pubcid=cb322e5b-0fdb-4514-b00e-294a97c105c7&schain=1.0%2C1!adnimation.com%2C20200018%2C1%2C%2C%2C&aus=300x600%7C300x250%7C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%2C468x60&divIds=div-gpt-ad-1500210453292-7%2Cdiv-gpt-ad-1500210453292-6%2Cdiv-gpt-ad-1500210453292-5%2Cdiv-gpt-ad-1500210453292-3%2Cdiv-gpt-ad-1500210453292-2%2Cdiv-gpt-ad-1500210453292-1%2Cdiv-gpt-ad-1500210453292-0&auid=540146339%2C540146339%2C540146339%2C540146339%2C540146339%2C540146339%2C540146339
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 08841be6bbed6dde3ab820b30dc3d3e892b9fabbe04c266ca209cc522c3ee2cd

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://mysteriousuniverse.org
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
376 B 284ms
233ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=295574&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225ca7eff3c0e349%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmysteriousuniverse.org%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adnimation.com%22%2C%22sid%22%3A%2220200018%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226c2f3d8aca3741%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295574%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222782d50114b045e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295573%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228913e63a231345%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295573%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222918f34616305ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295572%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22307f1a2bedae957%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295573%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22312b95f898f94d1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295572%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22325076e409f23a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295573%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233cd289b6d97743%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295572%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22344538bbb0cd149%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295573%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235fd3ff2ea5f2c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295571%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236dc266ec842f75%22%2C%22ext%22%3A%7B%22siteID%22%3A%22295570%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e13fb66279fff7b4624d616cb5e77522cfba3275b38c25f1a2e844c68c2e3e0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mysteriousuniverse.org
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Tue, 16 Feb 2021 11:54:26 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 85ms
36ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:25 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.90:80
AN-X-Request-Uuid: b3ca8712-7a7d-478f-a40c-324cbe7270d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mysteriousuniverse.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
152 B 57ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=55418606483
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:25 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 221 B
796 B 78ms
20ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2254e34ab439d430a%22%3A%22582b1466c56f4f2bd82c%7C300x600%22%2C%2255b0595801f756e%22%3A%22582b1466c56f4f2bd82c%7C300x250%22%2C%2256360afaca327ea%22%3A%22582b1466c56f4f2bd82c%7C300x250%22%2C%22573a9591798ce12%22%3A%22582b1466c56f4f2bd82c%7C336x280%2C300x250%22%2C%2258571e6cb702028%22%3A%22582b1466c56f4f2bd82c%7C336x280%2C300x250%22%2C%225915f930f0e5f7d%22%3A%22582b1466c56f4f2bd82c%7C336x280%2C300x250%22%2C%2260a46dadcd15a1f%22%3A%22582b1466c56f4f2bd82c%7C728x90%2C468x60%22%7D&ref=https%3A%2F%2Fmysteriousuniverse.org%2F&s=d4ee9490-49ab-4d1b-8dfa-a13ce3906918&pv=74758542-976f-4e10-8b9a-df8156425245&vp=desktop&lib_name=prebid&lib_v=4.21.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adnimation.com%22%2C%22sid%22%3A%2220200018%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22cb322e5b-0fdb-4514-b00e-294a97c105c7%22%7D

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

47805a89ba20d1ea9412d8e24c92d09979474478c85f19c78e5237b26833d98b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:25 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://mysteriousuniverse.org
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 175
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
639 B 321ms
107ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 1735607651409989d409148f7bb40448d0a0bd05dfa02009d6ff7d3d34e641bc

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
649 B 401ms
187ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 80d7d00b313fb67740ade8be1822f9ab57ee62d51f883c39f9e84329ba95ea8e

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 64 B
640 B 333ms
119ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 74654c72a0d572d3233096979d5f31ff0ef6dc352e68778354b2c0fc006845f5

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
650 B 332ms
118ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: b3982dd523d30b12a00627dc23dc23419f13511add8aa88fefaaef375feed04f

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
646 B 401ms
187ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 7c6587309083334f2f53742f5a4402e914bf25a76c51252a4b6558b8e20c150f

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
644 B 333ms
120ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: e76928708e65e70ed832a3a738938b96e67dceb8b7e707b8154b275cc7adfc8c

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
642 B 401ms
188ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dhaJtmHSGr6ykdaKlId8sQ
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 2afe6aff74c27197c2fe97af2717aae62ff16aabbb1af52271bed11390f0120b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 98ms
39ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 104ms
46ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 120ms
62ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 95ms
38ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 97ms
39ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 97ms
39ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 103ms
46ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 97ms
40ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 96ms
39ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
118 B 97ms
41ms XHR
text/plain 3.123.191.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.191.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-191-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mysteriousuniverse.org
date: Tue, 16 Feb 2021 11:54:26 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-10374297-1&cid=1528077849.1613476466&jid=546358427&gjid=1731851473&_gid=1275760365.1613476466&_u=YEBAAUAACAAAAC~&z=1274871320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Feb 2021 11:54:25 GMT
content-type: text/plain
access-control-allow-origin: https://mysteriousuniverse.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK count.js Show response
mysteriousuniverse.disqus.com/ 1 KB
2 KB 85ms
28ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mysteriousuniverse.disqus.com/count.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 11:54:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1573079
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 28 Jan 2021 23:50:44 GMT
Server: nginx
ETag: "60134dd4-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: eqGT5SkgpFSvtvJxgQ5TkBsN-blSoz7iaumQNZ-2dR6b5Zv1ZK_0Nw==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 77ms
27ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1361
date: Tue, 16 Feb 2021 11:54:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 110ms
109ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmysteriousuniverse.org%2F&pid=WwW7RBklXlUlK&cb=0&ws=1600x1200&v=7.59.00&t=1700&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_sidebanner_300x600_sticky%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_sidebanner_300x250_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_sidebanner_300x250_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_midbanner_article_3%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_midbanner_article_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_midbanner_article_1%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22MysteriousUniverse%2Fmysteriousu_topbanner_article%22%7D%5D&cfgv=0&schain=1.0%2C1!adnimation.com%2C20200018%2C1%2C%2C%2C&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EfeX6uetP33XxLjbRx9C2VvGqI5y-dWGA_SoNh5t_Eczix8gVTc9dQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 153ms
61ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 12418
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
date: Tue, 16 Feb 2021 08:27:29 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 9CS5BenwZ4LJfHJUpcGQ2YVnYtkGRHvJtamFvnTgSJW-iWznl0aSGw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 86ms
31ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

d76aacb2aa3a566f0baf336650acaed2b9c545f88ea10bf1fb040327982cb28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "785 / 211 of 1000 / last-modified: 1613471994"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19422
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:26 GMT

GET
H3-Q050 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ 289 KB
101 KB 70ms
39ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:26 GMT

GET
H2 200 addresses.json Show response
revboostprocdnadsprod.azureedge.net/config/ 501 B
897 B 100ms
25ms XHR
application/octet-stream 152.195.132.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://revboostprocdnadsprod.azureedge.net/config/addresses.json
Requested by: Host: revboostprocdnadsprod.azureedge.net
URL: https://revboostprocdnadsprod.azureedge.net/scripts/latest/min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD4) /
Resource Hash: 4e3a5d4a93912f646d85f40c41cced056c0bfe005125b7c80e5af25464e9318f

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Feb 2021 11:54:26 GMT
content-md5: PWe5SpmK0k70j3GJAm3NiQ==
age: 178
x-ms-meta-cbmodifiedtime: Sun, 15 Oct 2017 10:12:47 GMT
x-cache: HIT
content-length: 501
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Sun, 16 Dec 2018 20:12:59 GMT
server: ECAcc (frc/8FD4)
etag: "0x8D66392DFE6C1FA"
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 13c6cd53-101e-0001-6b5a-04addb000000
access-control-expose-headers: content-length
cache-control: public, max-age=180
x-ms-version: 2014-02-14
accept-ranges: bytes

GET
H2 200 amap.json Show response
revboostprocdnadsprod.azureedge.net/adsdata/c28258c1-3c87-4fa3-9a6f-e2d08e9b86af/ 597 B
592 B 25ms
25ms XHR
application/json 152.195.132.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://revboostprocdnadsprod.azureedge.net/adsdata/c28258c1-3c87-4fa3-9a6f-e2d08e9b86af/amap.json
Requested by: Host: revboostprocdnadsprod.azureedge.net
URL: https://revboostprocdnadsprod.azureedge.net/scripts/latest/min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF0) /
Resource Hash: 3d39d927bb4cb859f1352377394dd7bf0d34338e8ea811ec52361082d8a3ee4f

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
content-md5: 7AzCuNLWztSNKVAhgs/ncg==
age: 8
x-cache: HIT
content-length: 396
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 06 Feb 2019 06:32:38 GMT
server: ECAcc (frc/8FF0)
etag: "0x8D68BFCE385E1AB+gzip"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5210d4a4-601e-002c-105a-042e1b000000
access-control-expose-headers: content-length
cache-control: public, max-age=30
x-ms-version: 2014-02-14

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
803 B 60ms
28ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=mysteriousuniverse.org

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mysteriousuniverse.org

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 320 KB
39 KB 524ms
524ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=228222520886625&correlator=1813666346958163&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069980%2C31060147%2C31060156%2C21069740&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210216&iu_parts=30438525%2CMysteriousUniverse%2Cmysteriousu_sidebanner_300x600_sticky%2Cmysteriousu_sidebanner_300x250_2%2Cmysteriousu_sidebanner_300x250_1%2Cmysteriousu_midbanner_article_3%2Cmysteriousu_midbanner_article_2%2Cmysteriousu_midbanner_article_1%2Cmysteriousu_topbanner_article&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=300x600%2C300x250%2C300x250%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C468x60%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=refreshIteration%3D0%26ImpressionNumber%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1613476466&dt=1613476466922&dlt=1613476465414&idt=1481&frm=20&biw=1600&bih=1200&oid=3&adxs=1115%2C1115%2C1115%2C-9%2C-9%2C451%2C155&adys=2471%2C1426%2C1176%2C-9%2C-9%2C1827%2C563&adks=1895883553%2C3448965918%2C276638480%2C1927591895%2C1374660099%2C2428246437%2C2594631967&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmysteriousuniverse.org%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x600%7C300x500%7C300x500%7C0x-1%7C0x-1%7C892x4368%7C1366x5029&msz=300x-1%7C300x-1%7C300x-1%7C0x-1%7C0x-1%7C892x250%7C1290x60&ga_vid=1528077849.1613476466&ga_sid=1613476467&ga_hid=790411376&ga_wpids=UA-10374297-1&fws=516%2C516%2C516%2C2%2C2%2C4%2C4&ohw=1600%2C1600%2C1600%2C0%2C0%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

34c5b3ab84ba37d3260b990132df9c3ae33f04a924f0d42636d678483224f75f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-grJ2s7u4CFdfauwgd0UkF1Q&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-grJ2s7u4CFdfauwgd0UkF1Q&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39148
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Tue, 16 Feb 2021 11:54:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mysteriousuniverse.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
14ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
20 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: revboostprocdnadsprod.azureedge.net
URL: https://revboostprocdnadsprod.azureedge.net/scripts/latest/min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db02299b6b00e309b02a69a06dc6e37d6196d07695026501d2aeb0770b62e095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "785 / 668 of 1000 / last-modified: 1613471914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19420
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:26 GMT

GET
H3-Q050 200 container.html Show response
7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2253 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mysteriousuniverse.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 16 Feb 2021 11:54:26 GMT
expires: Wed, 16 Feb 2022 11:54:26 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
232 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=228222520886625&r=300x250%7C336x280&w=336&h=280&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 96BF 180 KB
51 KB 31ms
4ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 438954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 09:58:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:58:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 96BF 13 KB
5 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1096
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 11:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 11:36:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 96BF 90 KB
27 KB 58ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 318229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 19:30:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 19:30:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 96BF 3 KB
1 KB 68ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 14 Feb 2021 03:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Feb 2022 03:58:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 96BF 41 KB
13 KB 67ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 09:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 09:17:38 GMT

GET
DATA 200
OK truncated
/ Frame 96BF 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57817eee1ca81491b3688acf8d3603dcffd933f11a7552f771d4bbf56dec271e

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame CCE3 180 KB
50 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 438954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 09:58:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:58:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame CCE3 13 KB
5 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 404883
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 19:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:26:24 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame CCE3 90 KB
27 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 318229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 19:30:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 19:30:38 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame CCE3 3 KB
1 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 14 Feb 2021 03:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Feb 2022 03:58:47 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame CCE3 41 KB
13 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 09:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 09:17:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame CCE3 6 KB
1 KB 54ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:34:08 GMT
server: ESF
date: Tue, 16 Feb 2021 11:54:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/16329105880814382488/ Frame CCE3 59 KB
59 KB 54ms
36ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16329105880814382488/2076313506083323656

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b459c989eba7420bb183c8294ce41fbe2063d4b7fa347226cd847ef0394a2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 16:17:23 GMT
x-content-type-options: nosniff
age: 329824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60463
x-xss-protection: 0
last-modified: Fri, 27 Nov 2020 15:39:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 16:17:23 GMT

GET
H3-Q050 404 downsize_200k_v1
tpc.googlesyndication.com/simgad/5492461909624764709/ Frame CCE3 43 B
65 B 128ms
111ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5492461909624764709/downsize_200k_v1?w=100&h=100

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
DATA 200
OK truncated
/ Frame CCE3 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CCE3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 768b4f6e8caf7ba70fad40010edeccc45e4dba9e8948e1fc7ba823d153c5bb90

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame D4B0 180 KB
50 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 438954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 09:58:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:58:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D4B0 13 KB
6 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 404883
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 19:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 19:26:24 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D4B0 90 KB
27 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 318229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 19:30:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 19:30:38 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D4B0 3 KB
1 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 14 Feb 2021 03:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Feb 2022 03:58:47 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D4B0 41 KB
13 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 09:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 09:17:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D4B0 6 KB
701 B 45ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:38:15 GMT
server: ESF
date: Tue, 16 Feb 2021 11:54:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/16329105880814382488/ Frame D4B0 59 KB
59 KB 36ms
29ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16329105880814382488/2076313506083323656

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b459c989eba7420bb183c8294ce41fbe2063d4b7fa347226cd847ef0394a2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 16:17:23 GMT
x-content-type-options: nosniff
age: 329824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60463
x-xss-protection: 0
last-modified: Fri, 27 Nov 2020 15:39:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 16:17:23 GMT

GET
H3-Q050 404 downsize_200k_v1
tpc.googlesyndication.com/simgad/5492461909624764709/ Frame D4B0 43 B
128 B 46ms
38ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5492461909624764709/downsize_200k_v1?w=100&h=100

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
DATA 200
OK truncated
/ Frame D4B0 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D4B0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d2e4637c169009f07f558e1e5b0bf8578f1deeb4d3cfb0daf6d08da0e11be4d

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 73B6 180 KB
50 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 438954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 09:58:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:58:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 73B6 13 KB
5 KB 43ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1096
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 11:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 11:36:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 73B6 90 KB
27 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 318229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 19:30:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 19:30:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 73B6 3 KB
1 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sun, 14 Feb 2021 03:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Feb 2022 03:58:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 73B6 41 KB
13 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 16 Feb 2021 09:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 09:17:38 GMT

GET
DATA 200
OK truncated
/ Frame 73B6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83df8caa943c3fc51fdec01e2f5f7e677e70bbfededdba81891f1344a8c3f97

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 14750094611846059126
tpc.googlesyndication.com/simgad/ Frame 96BF 42 KB
42 KB 19ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14750094611846059126?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmRmfEhzwMfeEhIsbJdtDoPS2tIQA

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3cbfc6dd37917b0e8d3e864170a78cf47cb97d5d21d5205345c152cb1fb9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:53:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 18:25:39 GMT
server: sffe
age: 68455
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42539
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:53:32 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 96BF 2 KB
2 KB 23ms
17ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 96BF 295 B
389 B 15ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 96BF 0
0 65ms
60ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTu7xcrIrYICgPNe17_UP0ZOVqA3rvZf0XIuw1e3JBp3j86WLFxABIOWf7ixgufjHgNwBoAG_-9jzA8gBAuACAKgDAcgDCKoE5AFP0JgtL86LpAWVC98OnukczV8vO3cjLEWjJ4fSMBaC1Pe2jgngVY-rvjGY_EWBqMKjBKXaeca9o0bKzl4h_H5hfbesDnuoUXo3k-ZaGNEsrzJgeAnC4biGjJVtidfsqgQdFKBiZew-RitX9sJWwZqRBhpeJRLbZ8GbpU7OOwfjD6qe0wcDnM5DwUZ5nV5ysu9UWhYPZCKFKIKU0A0I0-c0UgTQd12ZfvESVzMSQCtcFrihJwioGNnaCaB25Vfencl3od200wlGO8omhl8A2FxzPu10S22707ofU4MJgQ7TZKSr8M7ABIXD5p9D4AQBkgUECAQYAZIFBAgFGASgBgKAB6mEpwyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ6LYE0ggJCIDhgFAQARgf8ggbYWR4LXN1YnN5bi0yMTA5NzQxNzc5NDM4ODE2gAoDyAsB2BMMshcaChgIABIUcHViLTg1NzMzMjU5NDAxNTI2OTQ&sigh=Uo4Q1_lmIw4&tpd=AGWhJmvBdDWOcjvjKD-Mjm5phAcGHJ1zDCW6smeyU1udRlTFSw
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CCE3 2 KB
3 KB 15ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CCE3 295 B
320 B 15ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CCE3 0
0 20ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzDXsJY_GzbcfpKXdxgXKfl0rmULlhh7HdTyB-KENs8PXHJdmJ4Pg-j19Pnmhr4kMXyyTL
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CCE3 0
0 64ms
60ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9FQAcrIrYIGgPNe17_UP0ZOVqA24m527Yd2wx4TLDNzZHhABIOWf7ixgufjHgNwBoAHIpdOHA8gBCakCeqI5bt6DhT7gAgCoAwHIAwqqBO0BT9CjhqLQ-nvsAhUyv3aLHC2NqFLWr0P2RX-Glu0TZ-BsMJe6lE-tfDl_z3QhogS_7QPb2wfrwp6RfOHMLXoJGbwyh8fsde9c2CJ-OVYXnZByMIQNOcMggxK2RIjn5iSvR4l2TyOz0tOT585nwuQCjKji4lbNqnX2JnwLgSbKr77pojKgO9sr-eEiLsF65n1VODJJaCEL9UiEPcB_9rsbvEG5buYR7qMdrOy3vnxAauJxTceaYUymz82FhutnxeVQ546zqYhlN6uhx-b1uNjvVXwzS7heco9JbxPJHrRlE5E22MYSBtHqdPkn4MAIwAT86rrgqAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHoNqseKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCo-gXSCAkIgOGAUBABGB_yCBthZHgtc3Vic3luLTIxMDk3NDE3Nzk0Mzg4MTaACgPICwHYEw2IFBGYFgGyFxoKGAgAEhRwdWItODU3MzMyNTk0MDE1MjY5NA&sigh=Eb2DCaAxQpA&template_id=484&tpd=AGWhJmt8ZAJfze06roIDAZwqxQQjGKiuei5ibo1jYkD3liBZog
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D4B0 2 KB
2 KB 15ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D4B0 295 B
320 B 22ms
17ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D4B0 0
0 64ms
60ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CViAIcrIrYISgPNe17_UP0ZOVqA24m527Yd2wx4TLDNzZHhABIOWf7ixgufjHgNwBoAHIpdOHA8gBCakCeqI5bt6DhT7gAgCoAwHIAwqqBOoBT9CC-VSq9cCtdBqOvCvGzpJQHhZihPWlqNm49iDMzlyJleZmaPBIpxizGIr16qt-Lmkb-a-ukkOioMLF3mURxzyU4VeGgwEZHLbUGMmF_JB3APrdV7MVAd8dFlawpHjV7-imsR-3elgvU3VIJVR5by6FjUo1tyKKNVEfMbDNPL2Fmh919A2x6aWVp-Fu_ECn6LFmOPJi5QFCHaEpRVsKVQqN5ga9rQTDo_-eDSjVs69q-Se_Z1MHdPQprOqNr-s2JMNz9fGbvEhXvNhpFvO5TsODSKDfj1bZXbsUI0mS7_YteF1JX5ytS4k-wAT86rrgqAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHoNqseKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCyoAbSCAkIgOGAUBABGB_yCBthZHgtc3Vic3luLTIxMDk3NDE3Nzk0Mzg4MTaACgPICwHYEw2IFBGYFgGyFxoKGAgAEhRwdWItODU3MzMyNTk0MDE1MjY5NA&sigh=fW70dWR7pZY&template_id=484&tpd=AGWhJmu6WAbQMSTlH3j1Ai4GSxz_Ilp3M3Y2SB-UZn1qYEPxJw
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 6669091971701902345
tpc.googlesyndication.com/simgad/ Frame 73B6 93 KB
93 KB 34ms
30ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6669091971701902345

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42163748273af122b599efb4cbe3441949d5df65b4029f9d75fbfe2f79e864c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:59:38 GMT
x-content-type-options: nosniff
age: 438889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95004
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 13:34:13 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:59:38 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73B6 2 KB
2 KB 21ms
17ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73B6 295 B
320 B 23ms
19ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 73B6 0
0 64ms
61ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ-WTcrIrYIWgPNe17_UP0ZOVqA3azavzYNmpqK_-DNzZHhABIOWf7ixgufjHgNwBoAGen5PrA8gBA6kCKNGFxVZctD7gAgCoAwHIAwiqBOUBT9BV_qVeNgvm-Win6SJMh-Ytzc_YCXcAJTydcPy4QwCEX5zp7yLHxqdA4s0cn7BXEvgfhHcvj18GPchCNn6WuJ-1m8kqvJZYwffssQ6PhwLpJPf0KdyU9wu393GdPFx2CUx80arGOiTvEolu35_8uwLyZSlHUbCmMqJ_dRBtPVLWDlIwxJmfy4PJSnw2jePDn_qDQ8K2ujb0rOqkPtuMNQsyNcvb9rVorqJziRliM41EsnbTPtEai_ICG2K_E8RjGEhvhoYv1T66NnEPhMC0w4w16v3DL2l3X49PN6fUfXScs9DqpcAEn9OQhagD4AQBkgUECAQYAZIFBAgFGASgBgOAB-_omDioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnMEF0ggJCIDhgFAQARgf8ggbYWR4LXN1YnN5bi0yMTA5NzQxNzc5NDM4ODE2gAoDyAsB2BMNshcaChgIABIUcHViLTg1NzMzMjU5NDAxNTI2OTQ&sigh=rGW55kcGh_U&tpd=AGWhJmsQI7z4Wd6KMXSMGv_dJHZDoDW0ARuElQ6c3BXF06r6Sw
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 58ms
34ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js?31060147

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a475d9228d56795c9b9d1d435ad02cb660705b709bfd3133afa67dae2aa3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 11:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0

GET
H3-Q050 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2253 84 KB
30 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 09:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 17 Feb 2021 09:20:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame CCE3 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 70142
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame CCE3 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 05:54:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 21584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:54:43 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D4B0 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 70142
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 15 Feb 2022 16:25:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D4B0 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mysteriousuniverse.org
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 05:54:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 21584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:54:43 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 96BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

58ms
39ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Feb 2021 11:54:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 51ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:56:33 GMT
server: nginx
etag: W/"601bd2e1-13f72"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Feb 2021 11:54:27 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 73B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Feb 2021 11:54:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 2253 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 11:08:37 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 2253 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 11:11:53 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2253 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Tue, 16 Feb 2021 11:54:27 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 2253 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 11:14:09 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2253 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfs2S6exitTx5fPI-81OwNhH233mevWIDWTFq_Ci7Q54PWLYsR7v1KFl7JqNyZZ3KJsSxl
Requested by: Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 074B 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mysteriousuniverse.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Feb 2021 10:50:58 GMT
expires: Wed, 16 Feb 2022 10:50:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3809
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CCE3 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CCE3 295 B
389 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D4B0 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D4B0 295 B
320 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H3-Q050 200 6669091971701902345
tpc.googlesyndication.com/simgad/ Frame 73B6 93 KB
93 KB 7ms
7ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6669091971701902345

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42163748273af122b599efb4cbe3441949d5df65b4029f9d75fbfe2f79e864c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:59:38 GMT
x-content-type-options: nosniff
age: 438889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95004
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 13:34:13 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 09:59:38 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73B6 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:08:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49565
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:08:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73B6 295 B
320 B 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 22:07:26 GMT
x-content-type-options: nosniff
server: cafe
age: 49621
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Feb 2021 22:07:26 GMT

GET
H2 200 2771478782288828378_16169350474060610799.jpeg
static.doubleclick.net/dynamic/5/147289008/ Frame 2253 60 KB
61 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/147289008/2771478782288828378_16169350474060610799.jpeg

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e8b2babefc65e62c2d2e963b74031fd4c2e5d9f249e476eb4c85cb3d9e8f480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:34:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2020 23:40:28 GMT
server: sffe
age: 426025
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61720
x-xss-protection: 0
expires: Fri, 11 Feb 2022 13:34:02 GMT

GET
H2 200 801998345148639068_10883850358760681294.jpeg
static.doubleclick.net/dynamic/5/147289008/ Frame 2253 175 KB
175 KB 44ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/147289008/801998345148639068_10883850358760681294.jpeg

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74d497396ffc1bf6b14b75b195f74152d518bf3c5e5bf1fcbdf9b280ed02d8b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 09:27:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2020 23:40:28 GMT
server: sffe
age: 8805
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179220
x-xss-protection: 0
expires: Wed, 16 Feb 2022 09:27:42 GMT

GET
H2 200 7044032519633617967_18168631645851677246.jpeg
static.doubleclick.net/dynamic/5/147289008/ Frame 2253 49 KB
49 KB 35ms
14ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/147289008/7044032519633617967_18168631645851677246.jpeg

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5e2bd68ceda22be1be3c6e1d1670d810dea3b0b5ac785c7375de3468b06a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 08:02:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2020 23:55:56 GMT
server: sffe
age: 359514
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50237
x-xss-protection: 0
expires: Sat, 12 Feb 2022 08:02:33 GMT

GET
H3-Q050 200 220026885948565098
tpc.googlesyndication.com/simgad/ Frame 2253 8 KB
8 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/220026885948565098

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba3318b98d0d36f2917f8f149f934faec8f1515d0f73338f75123b0dcb8c6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 13:23:44 GMT
x-content-type-options: nosniff
age: 599443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8424
x-xss-protection: 0
last-modified: Wed, 12 Sep 2018 13:01:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 13:23:44 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2253 0
0 62ms
61ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJqEFcrIrYP-fPNe17_UP0ZOVqA3J0t-6YZq29cCQCIu-uMeSDxABIOWf7ixgufjHgNwBoAHvhe2VA8gBCakCKNGFxVZctD7gAgCoAwHIAwqqBOQBT9CVfFJKYs2KSASUrmazj7WmDt499yyVIB_LZ4o6WuH0MOMiLhHNPCpD8wijOUk-m_3mIwAf9X1hx9sw7kZf9RJT4ENY9KzPOus1mrsI6TwFuUWu8lrx7-YaeKIXbNvb0UEZ7rtlaeXYhVXRLMmDeb0zVPJib5dtCYLNvZsElLTs_ivTaMSA7BJ_lLUfiEMXstJZ59jB52iFN0x2-Zt6yDvrwq5QTCaq81v7vvVUpFGoFmcpD5vtlDlgASRmWSuE6kc6blihJUkt3rr_qUt5cvoocSAi-Dtuku_-o3yDa9zioJuDwASbs87n3gHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHosvVgAGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJrnDdIICQiA4YBQEAEYH_IIG2FkeC1zdWJzeW4tMjEwOTc0MTc3OTQzODgxNoAKA8gLAdgTC4gUAbIXGgoYCAASFHB1Yi04NTczMzI1OTQwMTUyNjk0&sigh=NhuzFNMSlqw&template_id=494&tpd=AGWhJmsXfm7aamaei95JniXsJS97eE0D49RxqRroQhgk0OazMA
Requested by: Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8519 143 B
235 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-4WJQFZro-oOFEptE7DHoJQo2aWi14VR6fw4NwbKjPhPH-kuKHHmyrhGb; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 16 Feb 2021 11:25:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1711
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2253 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9873f5b78aeef25c283d226719ae42ac3e43685791fbeba3fc0165f1f51d34

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D6C 0
150 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=mysteriousuniverse.org

Requested by

Host: mysteriousuniverse.org
URL: https://mysteriousuniverse.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=mysteriousuniverse.org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mysteriousuniverse.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1651
date: Tue, 16 Feb 2021 11:54:27 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 43ms
18ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:56:33 GMT
server: nginx
etag: W/"601bd2e1-13f72"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 17 Feb 2021 11:54:28 GMT

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 074B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 02:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 205350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Mon, 14 Feb 2022 02:51:58 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8519
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

38ms
38ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
URL: https://7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-4WJQFZro-oOFEptE7DHoJQo2aWi14VR6fw4NwbKjPhPH-kuKHHmyrhGb; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Feb 2021 11:54:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 16-Feb-2021 12:54:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Feb 2021 11:54:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Feb 2021 11:54:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=228222520886625&bg=!lZalltXNAAXRs2QT0TsAKQB2-Dxav3rckXCuniHIODukH3wYN7krUG3EWJMC2OZpnl9MC7HonC14AgAAAFhSAAAADWgBBwoBdHmRkeZ_sSaLkQHv99W4-v3cvrpyxrrDO-BRVDxVaFXUoUg_gPjPFDT0D1l8Sm24Uaxm8cDoqsIMpHVUuUojBwB3fXsUYu-_8KjDSr6RA184PwM7NyttwuPGVsiY6Th_-VjvYp8oNeK7X4g6zoq7OV63NSavYvry5PEgBmCE-Ulibu5Js2E9aILm8WLPTETmYanmNfOJX5DZTZVnmmTixy8dhyJcdo9L-FWchJx-IcsGhIscoGU2rWcKhTCEr1TONqImaPw7PsX1cVzwSrf3oarh1sIh1tHkEeY3UG0weHy4WLYpChf900xcj1OJz81abVf7C-A0duvKMpV8WE3yshG12XFmGNK07M6WLGKHasJjn6yaXCAIRxBqsRIqb7iyNzL8XYisGax2TnKMhwDw02-l_HF5NZASLVM4JZjc0lVNy9MvowTJxHnWVaslUfGwBweSjP5wlcDu8VyMSqddglDfQWD3HQ2XxbJyRfY3pM3iKC2x1ZkB2FrxOhIXaRuZAfxNuSlCS8xrkg4LhhhPd3456WYpLm_4mFNMEX_5XOzhMysi0P5BYsFTP3YjdomdYvniBZziyx3e9lg0FZ1-YZAuNbcVMmsuPgIM_cLXXEa0s8EaoobbgGdUjwfpyrY-WwvKIUrY3lJ5a1O_IVIOJ7Hx7UPaJRalT2cxk0Wm3vL-h5-rkjHwKl0STM-2uAatq48-5TouagX1FfJjA2slhGYsQgZI3BtiZ-_M0VDc2qsIxX_v4072LW020Hla8sOfnlSvYttxsta6JLsrEglzCTZNRNoCOmMr8n9K6r5PyD-CL5EGuppSrnXR4MD-_RGlOq5ku0liiaglzDr6tbLR8Mdqx5D-BeAFNwpg2UfEQVvyLeuzb-fro1bi-Ms9F0fS7JpAHw7GcEv3xQkSWT912stLyDu2vvCCHv8xkCohvFQxa7KToaZVau3XAGYXMPDnOuUPS5IivU3t47HlJYnr1zD8QmGWcfKWv-dtcUjMDTnwNMaCjaro_hcgwVPx8hzjW2tZxvyPkOuECQPd8b2ohxM__LRHME2Vigm25msQGq8bl78zbXzBSYwPcyNbAsnzXq2Eg_n85NV3qsxoNL24E48ud6M63fgIwDgCgRCPBqw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 73B6 42 B
94 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufP70whZjvQueL660RbkiL_qEuvo0YPD9FtDEbyqQ0d_AelHVQ6KeS7SN7YM8GgQ-PIe6_0wrkBIhaCEt5TljP7-2J8LbJxp6E1xJgxNc9CFBCHACp8jb3nPWcYQ&sai=AMfl-YQPkw1MCNM5Cju3THkw_fYomHcFxSezzu1u-6NHXduIfrAv46S_KJ0ZKYqPR-XYmVmCitWenMo8aM8bw1z_VM9N9wgEqOxATJTDr054OtnxN28ldMctHqc4h4h7YpRh&sig=Cg0ArKJSzM9r0czU7PKXEAE&cid=CAASPeRoS_SncaI4XFG1lZfC1sFE_bJbFIlp-MjIjhGKStXZJB3YdaOfz1KddhyIJKulF69eWywD-89Ruq-xlLA&id=ampim&o=436,563&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=265&tls=1269&g=100&h=100&tt=1269&r=v&avms=ampa&adk=2594631967

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 20F3 52 KB
17 KB 79ms
25ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mysteriousuniverse.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 16 Feb 2021 11:54:29 GMT
Age: 21860
X-Served-By: cache-lga21935-LGA, cache-fra19165-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 79504, 188329
X-Timer: S1613476470.733466,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame C474 668 B
728 B 35ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: b6d2b0f5b96b4dbe3fb5abd3fcb4e8c42372993798cfe73eade1674a25d90659

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mysteriousuniverse.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=cb322e5b-0fdb-4514-b00e-294a97c105c7|1613476465
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=cb322e5b-0fdb-4514-b00e-294a97c105c7|1613476465; Version=1; Expires=Wed, 16-Feb-2022 11:54:29 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1613476469|gekin0vNiygu; Version=1; Expires=Wed, 03-Mar-2021 11:54:29 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 16 Feb 2021 11:54:29 GMT
content-type: text/html
content-length: 416
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A32F 2 KB
1 KB 67ms
21ms Document
text/html 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mysteriousuniverse.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 16 Feb 2021 11:54:29 GMT
Content-Length: 1151
Connection: keep-alive

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 73D4 0
0 349ms
113ms Document
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dhaJtmHSGr6ykdaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=dhaJtmHSGr6ykdaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mysteriousuniverse.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mysteriousuniverse.org/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Tue, 16 Feb 2021 11:54:29 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
478 B 79ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsono%3D%5BUID%5D%0A%0A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3574069893829030642

43 B
595 B

162ms
162ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3574069893829030642
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 11:54:29 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.150:80
AN-X-Request-Uuid: 835cb948-daf6-400a-994c-cfd7aa0802c0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=3574069893829030642
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://sync.1rx.io/usersync2/underdogmedia
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3302084478
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3302084478
https://sync.1rx.io/usersync/tradedesk/5aa5c8a4-3d8b-4674-a175-55a376f385f5
https://sync.targeting.unrulymedia.com/csync/RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Froid%3DRX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003
https://udmserve.net/udm/fetch.pix?roid=RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003

43 B
618 B

171ms
162ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?roid=RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 11:54:30 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Tue, 16 Feb 2021 11:54:29 GMT
Server: Tengine
ETag: RX3cd5b55a03744da18ef1940240763cf8003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://udmserve.net/udm/fetch.pix?roid=RX-3cd5b55a-0374-4da1-8ef1-940240763cf8-003
Connection: keep-alive
Content-Type: text/html

GET
H2 204 services
sync.technoratimedia.com/ 0
299 B 309ms
102ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:54:29 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 952180419
access-control-allow-origin: https://mysteriousuniverse.org/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUJDRUUyRjgtQjQxNy00NjNDLTk1OEMtMzQ4MTRFNzhFOENC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D1BCEE2F8-B417-463C-958C-34814E78E8CB
https://udmserve.net/udm/fetch.pix?pmid=1BCEE2F8-B417-463C-958C-34814E78E8CB

43 B
611 B

259ms
162ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=1BCEE2F8-B417-463C-958C-34814E78E8CB
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mysteriousuniverse.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 11:54:30 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?pmid=1BCEE2F8-B417-463C-958C-34814E78E8CB
Date: Tue, 16 Feb 2021 11:54:30 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 396
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C474
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d67602b-b275-4900-9d3f-6e427ae4eb36

43 B
106 B

32ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d67602b-b275-4900-9d3f-6e427ae4eb36
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 16 Feb 2021 11:54:55 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d67602b-b275-4900-9d3f-6e427ae4eb36
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Feb 2021 11:54:54 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C474
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0rFjqIazZv_J42Os3eB8rIDlYq_Jsmiuh-cj7TDL

43 B
122 B

34ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0rFjqIazZv_J42Os3eB8rIDlYq_Jsmiuh-cj7TDL
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0rFjqIazZv_J42Os3eB8rIDlYq_Jsmiuh-cj7TDL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C474
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=842875601262468215

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=842875601262468215
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=842875601262468215
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame C474 70 B
265 B 106ms
33ms Image
image/gif 54.74.225.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=189e1102-a65c-7ae3-ead8-e1a2f3e6363a&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-225-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C474 170 B
243 B 91ms
33ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzRmMWMyYzgtNmYyYi0yNDQ3LWZmMzgtYmIxYjM5MDRmODVh

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C474
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOK_H85SCNsmbkujoXFHknk&google_cver=1

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOK_H85SCNsmbkujoXFHknk&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=f2b9bd0e-4444-46b6-b6c2-7e41e62bf844&gdpr=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOK_H85SCNsmbkujoXFHknk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

75ms
75ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 45fc51b49ea908635e2f07d5cf53e52e9bac6f271efd362502dd76c1ae3d9e78

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YCuydbRDgVpleykQKV0.xQAA; CMPS=1132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1746
Expires: Tue, 16 Feb 2021 11:54:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YCuydbRDgVpleykQKV0.xQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 11:54:29 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 11:54:29 GMT CMPRO=1170;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 11:54:29 GMT CMRUM3=2d602bb27505a0&40602bb27505a0&5a602bb27505a0&27602bb2750b40&51602bb27505a0&f1602bb27505a00&58602bb27505a0&e6602bb27527600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 11:54:29 GMT CMST=YCuydWArsnUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Feb 2021 11:54:29 GMT

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 16 Feb 2021 11:54:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
Connection: keep-alive
Set-Cookie: CMID=YCuydbRDgVpleykQKV0.xQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 11:54:29 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 11:54:29 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 20F3 0
744 B 26ms
26ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.72:80
AN-X-Request-Uuid: 69e5c886-6e06-4943-8aa9-5399c150fdb9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A67B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB&dcc=t

43 B
720 B

127ms
126ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCuydbRDgVpleykQKV0-xQAABJIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A67B 70 B
264 B 47ms
46ms Image
image/gif 54.74.225.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_user_id=YCuydbRDgVpleykQKV0.xQAA&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.225.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-225-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCuydbRDgVpleykQKV0-xQAABJIAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENkIeLXG6kJTg1zJgdHwOms&google_cver=1

43 B
315 B

28ms
28ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENkIeLXG6kJTg1zJgdHwOms&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENkIeLXG6kJTg1zJgdHwOms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCuydbRDgVpleykQKV0.xQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0sX6miYQQxTz5iw7ipVq4&google_cver=1&google_hm=2

43 B
1 KB

48ms
29ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0sX6miYQQxTz5iw7ipVq4&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:30 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0sX6miYQQxTz5iw7ipVq4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8FC11585A53945EAB180537F0E58038F&gdpr=1

43 B
1 KB

38ms
35ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8FC11585A53945EAB180537F0E58038F&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:30 GMT

Redirect headers

date: Tue, 16 Feb 2021 11:54:29 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8FC11585A53945EAB180537F0E58038F&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 15 Feb 2021 11:54:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616068469

43 B
1 KB

30ms
30ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616068469
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:30 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616068469
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YCuydgAAAJsh9SrK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCuydgAAAJsh9SrK&gdpr=1&_test=YCuydgAAAJsh9SrK

43 B
1 KB

32ms
31ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCuydgAAAJsh9SrK&gdpr=1&_test=YCuydgAAAJsh9SrK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:30 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1613476470.112527,VS0,VE0
x-served-by: cache-fra19141-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YCuydgAAAJsh9SrK&gdpr=1&_test=YCuydgAAAJsh9SrK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A67B
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mSOXfM0hkiuCcZd4lnKIeMt3lnuCIJx6zHVEHmD5

43 B
1014 B

76ms
33ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mSOXfM0hkiuCcZd4lnKIeMt3lnuCIJx6zHVEHmD5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 11:54:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Feb 2021 11:54:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=mSOXfM0hkiuCcZd4lnKIeMt3lnuCIJx6zHVEHmD5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame A67B 43 B
424 B 22ms
21ms Image
image/gif 23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YCuydbRDgVpleykQKV0.xQAA%261170
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/usermatch?d=https://mysteriousuniverse.org/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Feb 2021 11:54:29 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=897
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Feb 2021 12:09:26 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 20F3 0
744 B 26ms
26ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Feb 2021 11:54:30 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: 4ba9ecce-31a6-4355-b3cc-4b57dd0f3179
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mysteriousuniverse.org/	1970-01-19 16:54:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mysteriousuniverse.org/	1970-01-20 09:42:28	Name: _ga Value: GA1.2.1528077849.1613476466
.mysteriousuniverse.org/	1970-01-19 16:11:16	Name: _gat Value: 1
.mysteriousuniverse.org/	1970-01-19 16:12:42	Name: _gid Value: GA1.2.1275760365.1613476466
.mysteriousuniverse.org/	1970-01-20 00:56:52	Name: _pubcid Value: cb322e5b-0fdb-4514-b00e-294a97c105c7
.mysteriousuniverse.org/	1970-01-19 16:54:28	Name: __cfduid Value: d2ae65679947ae700658c095296ccdfae1613476464

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mysteriousuniverse.org/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://adncdnend.azureedge.net/adn-hb/adn.mu.js(Line 3) Message: A9 bids back [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mysteriousuniverse.org/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mysteriousuniverse.org/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mysteriousuniverse.org/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mysteriousuniverse.org/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7928b0d059175ec011f162638637c54a.safeframe.googlesyndication.com
acdn.adnxs.com
adncdnend.azureedge.net
adnimation-d.openx.net
adservice.google.be
adservice.google.com
apex.go.sonobi.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
mysteriousuniverse.disqus.com
mysteriousuniverse.org
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
revboostprocdnadsprod.azureedge.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tpc.googlesyndication.com
udmserve.net
um.simpli.fi
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.185.194
142.250.186.34
151.101.13.108
151.101.14.49
152.195.132.161
159.253.128.183
172.67.67.46
178.162.133.149
178.162.133.150
178.250.0.157
178.250.2.131
185.29.135.227
185.64.189.114
185.64.189.216
185.64.190.80
193.122.130.38
199.232.196.134
213.19.147.151
23.218.208.246
23.37.38.181
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6810:125e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:400c:c1b::9b
2a02:2638:1::3
2a02:2638::1c
3.123.191.65
34.200.78.134
35.244.159.8
37.157.6.246
37.252.173.22
37.252.173.27
52.46.130.13
54.74.225.211
65.9.95.127
66.155.71.25
67.202.110.21
68.71.249.118
01e9aa918485075ccaa51eed8141a2fc0e0b4c5d7c1746180e2b072b2bea20ea
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b4db5e8a7481014ce06d277fdc6e8f2f44c17f762fcec93569be3404bee11a
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
08841be6bbed6dde3ab820b30dc3d3e892b9fabbe04c266ca209cc522c3ee2cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dc85d603cf1d0a4ff07fffecf4a4e97939296787f04e34ff37e587ab6da6c77
130eab0b79272570e565d77bb286b5755b9aae8f33efe8af7a2689bf8eabb859
131487cc539c82755975796d981e0ceda3781d0c24f7602285eb1d88a25dd18a
1735607651409989d409148f7bb40448d0a0bd05dfa02009d6ff7d3d34e641bc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a2c6cead9a9ddbfbb442e9085e5a53345737ded19554dff212202da4a779bc
1e53e354dde97dced03c426eb61c98cfa592df46bb8e49d092345df733597f11
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2afe6aff74c27197c2fe97af2717aae62ff16aabbb1af52271bed11390f0120b
33e2d3c3ee07a6289cc9dd56f1fb6b98194b2d23bfb7b79b7eccd49bf2201745
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34c5b3ab84ba37d3260b990132df9c3ae33f04a924f0d42636d678483224f75f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a418f7ec3567130ba266bedd69716a557c2700073c6bd7eb38763f320218ec7
3be9a1246aa3ef95d4da2d2f20529572b3eb729256c03cd42c5097ce16956d3d
3d39d927bb4cb859f1352377394dd7bf0d34338e8ea811ec52361082d8a3ee4f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8b2babefc65e62c2d2e963b74031fd4c2e5d9f249e476eb4c85cb3d9e8f480
42163748273af122b599efb4cbe3441949d5df65b4029f9d75fbfe2f79e864c7
45fc51b49ea908635e2f07d5cf53e52e9bac6f271efd362502dd76c1ae3d9e78
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47805a89ba20d1ea9412d8e24c92d09979474478c85f19c78e5237b26833d98b
47db3e0940f7ee5114dffd2aec22039e4ed24a73469ef09ae682367f17b57797
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3a5d4a93912f646d85f40c41cced056c0bfe005125b7c80e5af25464e9318f
4e3cbfc6dd37917b0e8d3e864170a78cf47cb97d5d21d5205345c152cb1fb9eb
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
5054ac7eb27432e1bfc75abc76eec2e2fae00c034e421784105fcc2a836d2807
50a475d9228d56795c9b9d1d435ad02cb660705b709bfd3133afa67dae2aa3bb
511a59af9a1cd5346f2d505dbf8fabeace9caa041562a0a27900b7f5597c58c1
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
57817eee1ca81491b3688acf8d3603dcffd933f11a7552f771d4bbf56dec271e
57cd1d26474ce5b3da3a5167accb4460197ae0e15a10d99dabb3e0ac35510bfc
58f31ad080600e68857b0431046f837430204cb1451e461b76bf45b7248b6a44
5b459c989eba7420bb183c8294ce41fbe2063d4b7fa347226cd847ef0394a2af
5e2ee67641d5211a85e62f42f79b0d1bd55fb3144dc602072ff6a44b6f1f02a8
5fad181a670fe03dadf24466ed738a3b02e759117f532d7686c74b5a1edaae50
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
604dfae45d8e143eea0230d9887bbfd39651aaa2d68e6c532ddb796d06df60ca
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62266c84ab962ac752a1741e4906605d4ce39f13fc400ea24d4f6bff584df0e3
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
69bb8ac766d32a4a6779baff31e961623bfab4066f7c143654ac698b6c89e7ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c250aef157e0599cc2aabfe98bc4859f1128c1960500b77974d212fc70a9514
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6edba6dbe39470dfd0d3c64089effe1b03d33ba7020a1478c5acdc2e18c3bf8b
6f8d232e8911fed1c01cb9483f0604caac23576096d3f5561fa5e015defee434
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
74511bfa45ec3a55c3154e1af7e1307c713ccf58542611064d46f7ce48726d83
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74654c72a0d572d3233096979d5f31ff0ef6dc352e68778354b2c0fc006845f5
74d497396ffc1bf6b14b75b195f74152d518bf3c5e5bf1fcbdf9b280ed02d8b8
768b4f6e8caf7ba70fad40010edeccc45e4dba9e8948e1fc7ba823d153c5bb90
76e2066263c18d15d009539979a186a90bddafd2c828df2d1050f0e1dc63d713
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
7ae30a1e7df2c30a6e2d3b10e031c543e3d96f9089949f25c76ca11bae1f0b15
7c6587309083334f2f53742f5a4402e914bf25a76c51252a4b6558b8e20c150f
7e13fb66279fff7b4624d616cb5e77522cfba3275b38c25f1a2e844c68c2e3e0
7ec03b27bc73e0acc94040f78bb0c45f2c2b2e62e3484314d82453619a7e9207
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f2a4b21255f7d3b1a5515279df2068b92831bada623f9111e967981dd3639cf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
80d7d00b313fb67740ade8be1822f9ab57ee62d51f883c39f9e84329ba95ea8e
80ebbb04c13eceaaee7d9cf0ab31016b1b782051809ebe094a74698d3d17379f
8171586206e3897704baf9ec73c0bebdf3410b5fddc9407fa62561163d92655b
8568c9c938f0e8d92403150ba7ecab4a5b607b308a9d81cc349e28f59578c8da
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d2e4637c169009f07f558e1e5b0bf8578f1deeb4d3cfb0daf6d08da0e11be4d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f43420ec7e4d0e64ace4a827d328e0f0f8daba0cdb7c55c6bad56bdb88b93f1
90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9aa42775805f242195339c169a464aeaa26dadf5e6bb21a61ccaffb0ac744062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9d57e43b085aa6b7b8d7cf1b30544f5b829d1645bf60282bb0c36c09b5ada9f7
9fee70ca8b935418d1c16c1b38426d21da84eb9ace24dfc85fc1924d00c4edbe
a30cb9b1e1d66b68891c103caa338bf4ba6b08fbda0e69d59d2c27c932462cda
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
a588d6eb976b66028a3c0cfb319ee5fa957a7d113164817dd1d568b11b195002
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9c29957d15c87c5b16e7dc1eb8f44cbd088f05a93dc43388cf2e51e048c5961
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a3dd68b6a752ff63b7d58f73f970b8c8f2f3e27243e41901d2cf8c7f144bcc
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b3982dd523d30b12a00627dc23dc23419f13511add8aa88fefaaef375feed04f
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b6d2b0f5b96b4dbe3fb5abd3fcb4e8c42372993798cfe73eade1674a25d90659
b817e06a793c479743836d6df14c3779d83b6d47bf5e9bda17fabe40d34c3e29
bd204e9fbf2347f706cd6a1b89984fe9869e4d161716867066299c656ddf6f68
c0ca9f592c57d5de6e3d2edeb8b8447bf14331c3fdb6fb869fed503ca4bebac6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5e2bd68ceda22be1be3c6e1d1670d810dea3b0b5ac785c7375de3468b06a74
d1c14bc9d947ca49cc1afedb7f5acd6e097fd0694bc41b981d071996e6725c9d
d4e4f37120fd559331e37e0e1b779ce9b54edbb1a16dd72079ed22485b6997cb
d76aacb2aa3a566f0baf336650acaed2b9c545f88ea10bf1fb040327982cb28b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db02299b6b00e309b02a69a06dc6e37d6196d07695026501d2aeb0770b62e095
db5a67b878f0093b91a0ed985ecd85ceeefb3e7d09795e2ee25a3779753c951e
dec14ea70c877a7cad300aeb183e1585ec95bea1ab67d73f56be8c3cf226219d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6bda1da8ba39ccabff5418970af5d7427b7caade0c408b7d8652ffe502d1244
e76928708e65e70ed832a3a738938b96e67dceb8b7e707b8154b275cc7adfc8c
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ed19e4874ec0c4720df74ac33d1ed97bf7ccde9ddaf6aab40a52312a287a40e5
ee9873f5b78aeef25c283d226719ae42ac3e43685791fbeba3fc0165f1f51d34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f83df8caa943c3fc51fdec01e2f5f7e677e70bbfededdba81891f1344a8c3f97
fba3318b98d0d36f2917f8f149f934faec8f1515d0f73338f75123b0dcb8c6b2
fc69d847ee74a61c7c63d946991ce7024a6016f6e21e84011f114a961c3cea09

mysteriousuniverse.org Open in urlscan Pro 172.67.67.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

98 %HTTPS

36 %IPv6

35 Domains

56 Subdomains

40 IPs

8 Countries

4159 kBTransfer

7675 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mysteriousuniverse.org Open in urlscan Pro
172.67.67.46 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

98 %
HTTPS

36 %
IPv6

35
Domains

56
Subdomains

40
IPs

8
Countries

4159 kB
Transfer

7675 kB
Size

6
Cookies

210 HTTP transactions
3 data transactions