object-lesson.org Open in urlscan Pro
2606:4700:3037::6815:26ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://object-lesson.org/
Effective URL:
https://object-lesson.org/
Submission: On December 13 via manual (December 13th 2023, 2:24:08 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 36 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3037::6815:26ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is object-lesson.org.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2023. Valid for: 3 months.

This is the only time object-lesson.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:8cc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:26ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:2e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 5	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
4	172.64.144.78 172.64.144.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:8c00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.216.91.216 54.216.91.216	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2.19.217.60 2.19.217.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.104.211 2.19.104.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
112	51

1 2606:4700:3035::ac43:8cc6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

object-lesson.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:26ea (United States)

ASN13335 (CLOUDFLARENET, US)

object-lesson.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:2e8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.144.78 (United States)

ASN13335 (CLOUDFLARENET, US)

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.91.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	169 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	5 MB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	513 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	25 KB
5	object-lesson.org 1 redirects object-lesson.org	9 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	the-ozone-project.com elb.the-ozone-project.com — Cisco Umbrella Rank: 4765	8 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	15 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	659 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	414 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628	25 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1053	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 931 api.btloader.com — Cisco Umbrella Rank: 1000	24 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	3 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 15619	196 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	127 KB
2	icons8.com maxst.icons8.com — Cisco Umbrella Rank: 35542	111 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 904
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4118	431 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1814	46 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	255 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	68 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
0	workers.dev Failed country.adinplay-venatus.workers.dev Failed
112	36

	Domain	Requested by
16	s0.2mdn.net	object-lesson.org s0.2mdn.net
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com pagead2.googlesyndication.com object-lesson.org s0.2mdn.net
8	tpc.googlesyndication.com	cadmus.script.ac 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com object-lesson.org s0.2mdn.net
5	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com googleads.g.doubleclick.net
5	object-lesson.org	1 redirects object-lesson.org
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	elb.the-ozone-project.com	api.adinplay.com cadmus.script.ac elb.the-ozone-project.com static.cloudflareinsights.com
3	securepubads.g.doubleclick.net	api.adinplay.com cadmus.script.ac
2	googleads4.g.doubleclick.net	object-lesson.org
2	googleads.g.doubleclick.net	4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com object-lesson.org
2	eus.rubiconproject.com	cadmus.script.ac eus.rubiconproject.com
2	4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com	cadmus.script.ac
2	gum.criteo.com	1 redirects cadmus.script.ac
2	oajs.openx.net	1 redirects
2	onetag-sys.com	api.adinplay.com cadmus.script.ac
2	script.4dex.io	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	ad-delivery.net	object-lesson.org
2	cdn.jsdelivr.net	api.adinplay.com cadmus.script.ac
2	api.adinplay.com	object-lesson.org api.adinplay.com
2	maxst.icons8.com	object-lesson.org maxst.icons8.com
1	ade.googlesyndication.com
1	www.googletagservices.com	4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
1	www.google.com	cadmus.script.ac
1	token.rubiconproject.com	eus.rubiconproject.com
1	ssc-cms.33across.com	elb.the-ozone-project.com
1	google-bidout-d.openx.net	cadmus.script.ac
1	static.cloudflareinsights.com	elb.the-ozone-project.com
1	acdn.adnxs.com	cadmus.script.ac
1	mug.criteo.com
1	esp.rtbhouse.com	cadmus.script.ac
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	cdn.id5-sync.com	cadmus.script.ac
1	static.criteo.net	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	fastlane.rubiconproject.com	api.adinplay.com
1	ad.doubleclick.net	object-lesson.org
1	api.btloader.com	btloader.com
1	btloader.com	api.adinplay.com
1	imasdk.googleapis.com	api.adinplay.com
1	cadmus.script.ac	api.adinplay.com
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	object-lesson.org
1	cdnjs.cloudflare.com	object-lesson.org
1	www.googletagmanager.com	object-lesson.org
0	country.adinplay-venatus.workers.dev Failed	api.adinplay.com
112	52

This site contains no links.

Subject Issuer	Validity	Valid
object-lesson.org GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
1454623486.rsc.cdn77.org R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adinplay.com GTS CA 1P5	`2023-10-19` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
the-ozone-project.com E1	`2023-10-26` - `2024-01-24`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://object-lesson.org/
Frame ID: 02F96AFFBD7161A97398D6A5AEFF42C3
Requests: 46 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=object-lesson.org
Frame ID: A0432AB101032B872FBBAFC53360F1BC
Requests: 2 HTTP requests in this frame

Frame: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EA50616BAB155A005D87E79D5592F7F
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
Frame ID: 3FA827A823DB8E55068C7159F6CEA4DB
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702434243951
Frame ID: F167C9BF07527472D9F97B1CCDEED1C6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5A5804E71ED7DE8439D3C4DEF919875F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B92919E47936E9256E0719048DCA17FF
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9F9B3ADB8F28BD670BEACE16B9F794F6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: E967DD47358303216CF2FA8B2C7AA4AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74C161FE5F7B368A67F7D78EEE527AD0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 699DB4404CB6168F824571FF708D4F7E
Requests: 2 HTTP requests in this frame

Frame: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9A74BC891DC4DCEC1A07A8BE7C9F76FD
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXmmh5RDDeuTVUQ8pdzq0yktmRPf8wkJvb9uGyMXas7Mbzz4VZU98_5BZ-JY-KeLdpsuLOYe-qWjnr8jy00mpvwR0PpO0jrgcDUHG0Qr2kcS3My_eaLvuyARs27b610vIxukVeWMU9WpUhx8U_zreFZ1bFbC7GqLg6wURq1cr3PXceyKD3GidSgjPMC1jPgO8hwdyTqLiGpGJYuDIlMWjH9CG2cxw
Frame ID: 114FBF401BD9AB02F88429BBB53EDDD1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 08B23CB442E1C320781A5A756C827F5C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Frame ID: CFCD84C526D3834A208591CA1C20F5BF
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: E409312729628FF9401D8050FF8CB939
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Object Lesson

Page URL History Show full URLs

http://object-lesson.org/ HTTP 301
https://object-lesson.org/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

112
Requests

94 %
HTTPS

57 %
IPv6

36
Domains

52
Subdomains

51
IPs

8
Countries

6737 kB
Transfer

9077 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://object-lesson.org/ HTTP 301
https://object-lesson.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://oajs.openx.net/esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp&cc=1

Request Chain 43

https://gum.criteo.com/sid/json?origin=publishertagids&domain=object-lesson.org&sn=ChromeSyncframe&so=0&topUrl=object-lesson.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YpIp7nxqT1hvT1ZrNWo1WFpkTENuRUFEbm8yVWZSdlk4azFTNGJUSUpWNSs4SkFGSnB5WEJxQ1ZqckR5a3NEbU5OOTUxbkZ2eDZUV1hzMmRaeWFCWXVmMW41b2x3NDB6UktDVGlZb01uWUh4eXQ0Z1ZjNDBGd2RhclFrWmNUYVhBNDY1V2I3ajFvOStIS2xOSzlBZm1zT1pQQVg3QjJEV0VXYkVTRDZSMUZmT3ZHQ0xtdllwSi9CaUM0VG50TEQ3ci9zOFhHNzJNZWJBTlNvTzNpVWpmUWdINFFyMWJVMm1mRHRCTTRuNDB5QytnVVpVWW1kbDdIMHM1WUIxUjV5Y2tHNFZsL2QxcDZvUURPSnJjNEhod3NjenBRSzVEYU84elBVQ3lVY2VhdTBiZzZhND18&cppv=2

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkVxZypt1S0nqZE0--IbwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECkz8wG1zwugwIri8203sF8&google_cver=1

Request Chain 74

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI5Mzk4ODg4ODIyMjIwNDMyNw%3D%3D

112 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
object-lesson.org/
Redirect Chain

http://object-lesson.org/
https://object-lesson.org/

9 KB
4 KB

329ms
238ms

Document
text/html

2606:4700:3037::6815:26ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e2780ee4f74cfad2ad06a6fabf5d8a53583cf4cfbff5847bec7b16243120ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 834abf9f2f3e662c-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 02:24:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrJdF%2FFUUfpRQXsCcQeYtyvqLYdzMj4ho%2BZxMP8UJlchNJCKdCvaZvMp%2FwjdQEPXZ13JujU9tJen78GTkzaZdBU%2FwgVfLjpaG2hMG2%2F7Kd01Cb%2Fw2lk6mIhY7anSMhtJ7Q6cGAzHhMSANdy72pmJpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 834abf9dda602391-SJC
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 13 Dec 2023 02:24:02 GMT
Expires: Wed, 13 Dec 2023 03:24:02 GMT
Location: https://object-lesson.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eujhV8Kg2o2JTwpw0Mb%2FY4aETT%2FgABEAZEVxZI%2FOoidOYP9SuLaEli%2FuiINgqCgNe3HSUp7oBbWFtTp%2BWLyEYx7vb0phvheud69uIaOwoUu8e%2BBtSh8895CcfzjQ1341u%2FSINYh%2BGdEboQvaqqi6YA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 141ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HB5S6CHE9W

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87dca0be0e5fdf9c3203a21396c9a1403c97d2a3c7097f70cebbe2d673743d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 02:24:02 GMT

GET
H2 200 style.css
object-lesson.org/Assests/CSS/ 8 KB
3 KB 220ms
219ms Stylesheet
text/css 2606:4700:3037::6815:26ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://object-lesson.org/Assests/CSS/style.css?1702434242
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49ceb3787f491722be69f866a471f3600271403706e4354c3b46f27a884f312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 20:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2062-6574d243-218d241c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sx%2B1iK4SKaQkg%2FCozrpf9gvNqD8yhoYD06SMfPM%2FRa%2FCMPhnDFqjWXy3bq5Vk1avJE%2Fu%2BEAUKkhOM%2BAruwNNuyzW0XjIHgEbc8selVBM8UhAvdS4lDAV52gHn4KGrYklZEHBzKQygFK6XNnOgU7CWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 834abfa0b86a662c-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 02:24:02 GMT

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ 88 KB
16 KB 160ms
40ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 13 Dec 2023 02:24:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-age-lb: 47134635
x-77-cache: HIT
server-timing: -;dur=0;desc="Generate"
x-accel-date: 1655299607
x-77-nzt: EQwBw7WqEQH3qzfPAg
x-accel-expires: @1970659607
x-77-age: 47134635
x-cache-lb: HIT
last-modified: 2022-06-14T10:09:13.275Z
server: CDN77-Turbo
etag: W/"15e81-wb0UGHttyzbvrSHlFxH4lBgB3g8"
x-77-nzt-ray: 4c156224d493a6fcc2157965e8bedd2e
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 274 KB
68 KB 131ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1291543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69049
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-4472c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHD5OH3byb5VdtNz46nUsU4eHFOcizmIDDJSCsQnQu87l98SnunnRPCUYd6BfwzmLy1qBIbDspZKrqJgX1xQh8Db1wsPDVKNFyzupoqMRVQd5zg%2FiWtV24OqR32tUDGwEgmiJ%2Fsm4UrsloBGtk%2FbfbYj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834abfa129851cc1-FRA
expires: Mon, 02 Dec 2024 02:24:02 GMT

GET
H2 200 aboutblank.js Show response
object-lesson.org/Assests/JS/ 1 KB
897 B 217ms
217ms Script
application/x-javascript 2606:4700:3037::6815:26ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://object-lesson.org/Assests/JS/aboutblank.js
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2854f1442839ab6fb3c09e8f9372d4512ddfb1d56aeac6c3658c8e281c4089ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 20:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4e3-6574d243-840dc1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYBq2AgOGQIt9PIVFZ%2FdIw%2FyJy0R8oqXyre8r0wk%2BbnY%2FEadSIZQeBziSNuXhADlF3AIeM3YaGbPZIiQ%2FV3QWDtdGrzZeR1nXbC8ZrBisXPTXHQ2HcP9unfueXlJT99ZOTnMm32vjCLXNNZt3BDjWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 834abfa0b86b662c-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 02:24:02 GMT

GET
H2 200 options.js Show response
object-lesson.org/Assests/JS/ 760 B
658 B 223ms
223ms Script
application/x-javascript 2606:4700:3037::6815:26ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://object-lesson.org/Assests/JS/options.js?sd
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:26ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec0e3d252ae073496068fdd8f0210ce555babd0effc705294a7be37d23cfc3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 20:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2f8-6574d243-90b9e5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3QUYVmyIPX1Nro74lEx9HWhKAjsEG7x0GNpz1uKqkMdQJm%2FtQj4WzJqmHh4zGgbiEA3PzltWlHPw5pjynPQmqupGT3GMGeL0UVlUgh2yQOaSiuCGuviTfuo%2BSVKMwnEAvjM1N9NzzuybEtQQH9SNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 834abfa0b86c662c-AMS
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 02:24:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Ubuntu:wght@300&display=swap

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/Assests/CSS/style.css?1702434242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41100eef750fe9c683094fc8402c1e1cac61055b13390a3c1f1947f328095028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 02:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:24:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 02:24:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 135ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HB5S6CHE9W&gtm=45je3bt0v9110631153&_p=1702434242665&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=176019623.1702434243&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702434242&sct=1&seg=0&dl=https%3A%2F%2Fobject-lesson.org%2F&dt=Object%20Lesson&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=996
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HB5S6CHE9W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://object-lesson.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/ 622 KB
195 KB 244ms
117ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee57c32e47799b9b63159b203c44f7384e6c67bfa77623f72af90fdd0d57b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 12 Dec 2023 10:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65783b7d-9b9a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38ttLKE2v%2FuIL8RqKZ%2F6y2l1moIK3kA1QN8nUoevWzpIw9LYduBKDBDVp36fUGaKJ2X4ssaClYwsKqxf2umJYQVgyglSOtdv3k0dmwL%2FjutgAb1e2r45CuemhAmhj%2F4AXEQ5s0WvJJviBL9Pm9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
x-host: adinplay-2
cf-ray: 834abfa3cd664d68-FRA

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Ubuntu:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://object-lesson.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options: nosniff
age: 458203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ 94 KB
95 KB 122ms
43ms Font
font/woff2 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2

Requested by

Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Origin: https://object-lesson.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-age-lb: 47134627
x-77-cache: HIT
server-timing: -;dur=0;desc="Generate"
x-accel-date: 1655299616
content-length: 96752
x-77-nzt: EQwBw7WqEQH3ozfPAg
x-accel-expires: @1970659616
x-77-age: 47134627
x-cache-lb: HIT
last-modified: 2022-06-14T10:09:13.271Z
server: CDN77-Turbo
etag: "179f0-idlTHAxwqHUd/4PBkXuqsfFqIHE"
x-77-nzt-ray: 4c1562247f93b900c31579652d19b406
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1r100yi8pmbig/ 130 KB
46 KB 154ms
50ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d051d1f813bc205095514d9054dfe108093e6679fee2ba36bc312111f1c97cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 18:09:52 GMT
server: cloudflare
age: 0
etag: W/"a069003e46286e23b087c2be136a16b98bb0d5a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 834abfa5e8d89116-FRA

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 134ms
46ms Fetch
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231213

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37389
x-jsd-version: 1.0.1902
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230091-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"634-TYzb/8jnowgM/pO+/pUXsjhGSAk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT5tLgSQ1p3TZciTWMsh%2FeE81HSVPv%2FUpM7ryyXORn0V5O2XSMFp%2BHVkgDPbDu0VA%2FjipfiWt50M8VvmHZowY8FLOZi8VLZyRMVT006d1I%2BSAW0aOXfP5SCiPMTsHe97w8FrDPzI3%2B3cp63drXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 834abfa5dcaf5c68-FRA

GET /
country.adinplay-venatus.workers.dev/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 179ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43256acda621aed6c70e89cbe07bb8fb0507a26322ba749c9e0a8b2a1ece45c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29423
x-xss-protection: 0
server: cafe
etag: 468 / 19704 / m202312060101 / config-hash: 6487957748488688722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 02:24:03 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Wed, 13 Dec 2023 02:24:03 GMT

GET
H2 200 tag Show response
btloader.com/ 76 KB
24 KB 141ms
52ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0713adb0392ce6dcf82357b62027b0e9caae4b4f6f657aeaf7b70536943d2044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 02:22:54 GMT
server: cloudflare
age: 66
etag: "e6bda6cc832cb5b884ef584ecf03ccaa"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 834abfa5d8c09229-FRA
content-length: 24282

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
365 B 47ms
47ms Script
application/javascript 2606:4700:20::681a:2e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55323
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGqMJnFTsOh1k8y7dHDMpL3ecFnU7kz828gx%2FpxdQBs4GX7Ko%2FyvBpwBU97r18usP0lMbjQJxcSYhXTAH%2Fywwwd2NTkLZk1uKqDToFBcWDdcX9WXGf2IcpBUBXU64Yi14Y0jU8EyoN8b9MYbG08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 834abfa54e314d68-FRA

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 237ms
150ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5130683165442048&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 02:24:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 132ms
49ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157389
x-guploader-uploadid: ABPtcPqwrJ3LrgosBKTU_79B4X4Z_eWS1OiZqQ84AfRpoEA-rd5sICvevPFHFqhQumd6-MtpuPJbZbbfpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPrbcsgZDFmh0d0jAuBgDGNUDB0JFiLPesn7zsvQgdQSIXpHz7aMDiEnu22VfWE4HMp0ELvJ2RQBbaKRARB%2BU9zv1aeE7oXxz4HjaPULJ2aKaicrh2NU9BWIvfodPv%2BDyUiT%2FJ3PqR8GSzraxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 834abfa6bd9e3803-FRA
expires: Mon, 11 Dec 2023 07:20:36 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 133ms
42ms Image
image/x-icon 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 04:01:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
918 B 130ms
47ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.44278753553147276
Requested by: Host: object-lesson.org
URL: https://object-lesson.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157389
x-guploader-uploadid: ABPtcPqwrJ3LrgosBKTU_79B4X4Z_eWS1OiZqQ84AfRpoEA-rd5sICvevPFHFqhQumd6-MtpuPJbZbbfpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89JbxS3jRSVR88N%2FDizXoxERZ4Xofruuey4mS7XJ1QeU9SNFAyoyCQEQZSrzha3jK%2FQMNix20o0MWwes9z8q0AkKm%2BnmveDeV8tZJQKuStTKmrBsow6ANg9aC71d1mn96OuKKZi2ADq8G8N0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 834abfa6bd9b3803-FRA
expires: Mon, 11 Dec 2023 07:20:36 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 129ms
129ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 224ms
129ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://object-lesson.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 13 Dec 2023 02:24:03 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
432 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:14:16 GMT
x-content-type-options: nosniff
age: 47387
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441821
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:14:16 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 138ms
49ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 02:24:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1210664
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53KCMPc7xWHBx9HXEcmvKKOXpULqGcCahvnhbqlmy9hvgmQd9YJGvP%2BcFm6nleZw3oosfh%2B%2BxVlIIV5hna%2BiJg5ROdWOXTIpfDpBjE59CgxdLfT9plKT%2F11U24bUT6TYfNe%2FwxFE4tEqEmQ5"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 834abfa8883a9bd0-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
414 B 132ms
43ms Fetch
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://object-lesson.org
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
5 KB 357ms
273ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

ecf14e41331fdcc22ceb5c5bb59599db799c8b7d282207f7a092d101e18f68b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: gzip
an-x-request-uuid: a1365b11-b03d-47e4-9993-fb37900f7987
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://object-lesson.org
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 438 B
963 B 127ms
40ms Fetch
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&alt_size_ids=2%2C55%2C57&rp_schain=1.0,1!adinplay.com,MNS,1,,,&rf=https%3A%2F%2Fobject-lesson.org%2F&tg_i.domain=object-lesson.org&tg_i.page=https%3A%2F%2Fobject-lesson.org%2F&tg_i.pbadslot=%2F421469808%2C22580759626%2Fagario.cafe_970x250&tk_flint=pbjs_lite_v8.10.0&l_pb_bid_id=62644c881bc505&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F421469808%2C22580759626%2Fagario.cafe_970x250&slots=1&rand=0.7440213672699134
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1a19ec914b57f811881dc2b78fc0b6516f00b5deb10e937ad75ef14a29b4a157

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://object-lesson.org
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 438
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 2 B
841 B 149ms
81ms Fetch
text/plain 172.64.144.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/MNS/agario.cafe/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://object-lesson.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 834abfa86afd4504-TXL
content-length: 2
expires: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 131ms
38ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:27:07 GMT
content-encoding: gzip
age: 547016
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:27:07 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 181ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 02:24:03 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 91ms
49ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3105
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO%2F0R3XV5vRWJhy4Phsd6incgBNHGDYk8dSAMIaV5a6iHy2XxAlVeM8n0vhRnysNGg1nPE0vSw%2BJrcNZx2O%2FnMBy%2FcOPjKrIDhkZBrCdfpzoXJszqIx%2BisZmGwGyyGz%2BmGvuqZ5eD0OjeU7tVvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 834abfa85a111e33-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 142ms
52ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: SB3XV3WX7D3TRQY4
age: 2127
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 834abfa899d2372f-FRA
x-amz-id-2: XK/uEyn2Io5UalpG02MciRCI2T5BGC42ZH9PVGUjT++wf10oqSqzOVRQs4UsI2d0cvzgX31ynXk=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 172ms
57ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:03 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6fb4346d75af55fe4bbf221824cc22c2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 134ms
43ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:20:01 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79678
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7tfXm3q0ZsuH4K5yxZOlwb4rAKzH7QVhJwmWx3rVy9ecBS1gAdBupw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 166ms
39ms Script
text/javascript 2600:9000:2250:8c00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 12 Dec 2023 06:19:35 GMT
Via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 72269
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: q1NCbEhb3bNQsy0nSV-GiFIhzz9rHkNStvwzAPQ3qeOh9eAfOdV_TQ==

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 180ms
99ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 02:24:04 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roZcmuaDOlzINgAvJG%2FqGDTGZMXL5XE9YlNvsNZQDnCgrSXQwcNlruBDYbcuonoO1iXG8Zd7JnzyBfIi7ELzH4J8z967QYQ%2F3GezjKc9fJ1jkFqyjHSmZB22KzZceS7iTSKh4v0QVpKjyK8d"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 834abfa95d66381a-FRA

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp&cc=1

85 B
193 B

151ms
150ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: beb19a8039b49d8e37578e086e7c821c49e1a760b5af66ffedcbe2214323e874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-oAo8kex2UB1wX0RytRfOSaSLtzc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://object-lesson.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 13 Dec 2023 02:24:04 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://object-lesson.org
location: /esp?url=https%3A%2F%2Fobject-lesson.org%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 183ms
55ms XHR
application/json 54.216.91.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.91.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 06c08db2560ef122f6fd4a753de0c0f81976bb4c107c543ee0a40299f729cdb1

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://object-lesson.org
cache-control: no-cache
x-server: 10.45.21.153
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 129ms
40ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://object-lesson.org
date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 157 B
431 B 150ms
58ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 81ee54ee7f027955a1eea20e7c6e6cc8e6993bda807a284c4482d5d1cf2e9896

Request headers

Referer: https://object-lesson.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: fd906b066538f1f91dad2b486efe966c
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A043 15 KB
6 KB 144ms
48ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=object-lesson.org

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 252151
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame A043
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=object-lesson.org&sn=ChromeSyncframe&so=0&topUrl=object-lesson.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YpIp7nxqT1hvT1ZrNWo1WFpkTENuRUFEbm8yVWZSdlk4azFTNGJUSUpWNSs4SkFGSnB5WEJxQ1ZqckR5a3NEbU5OOTUxbkZ2eDZUV1hzMmRaeWFCWXVmMW41b2x3NDB6UktDVGlZb01uWUh4eXQ0Z1ZjNDBGd2RhclFrWm...

467 B
669 B

46ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YpIp7nxqT1hvT1ZrNWo1WFpkTENuRUFEbm8yVWZSdlk4azFTNGJUSUpWNSs4SkFGSnB5WEJxQ1ZqckR5a3NEbU5OOTUxbkZ2eDZUV1hzMmRaeWFCWXVmMW41b2x3NDB6UktDVGlZb01uWUh4eXQ0Z1ZjNDBGd2RhclFrWmNUYVhBNDY1V2I3ajFvOStIS2xOSzlBZm1zT1pQQVg3QjJEV0VXYkVTRDZSMUZmT3ZHQ0xtdllwSi9CaUM0VG50TEQ3ci9zOFhHNzJNZWJBTlNvTzNpVWpmUWdINFFyMWJVMm1mRHRCTTRuNDB5QytnVVpVWW1kbDdIMHM1WUIxUjV5Y2tHNFZsL2QxcDZvUURPSnJjNEhod3NjenBRSzVEYU84elBVQ3lVY2VhdTBiZzZhND18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9199b41208eac8f4ef94510e8f0fce8b0fad4c9e7cb62b8f75205b9fce5892aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 964572
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YpIp7nxqT1hvT1ZrNWo1WFpkTENuRUFEbm8yVWZSdlk4azFTNGJUSUpWNSs4SkFGSnB5WEJxQ1ZqckR5a3NEbU5OOTUxbkZ2eDZUV1hzMmRaeWFCWXVmMW41b2x3NDB6UktDVGlZb01uWUh4eXQ0Z1ZjNDBGd2RhclFrWmNUYVhBNDY1V2I3ajFvOStIS2xOSzlBZm1zT1pQQVg3QjJEV0VXYkVTRDZSMUZmT3ZHQ0xtdllwSi9CaUM0VG50TEQ3ci9zOFhHNzJNZWJBTlNvTzNpVWpmUWdINFFyMWJVMm1mRHRCTTRuNDB5QytnVVpVWW1kbDdIMHM1WUIxUjV5Y2tHNFZsL2QxcDZvUURPSnJjNEhod3NjenBRSzVEYU84elBVQ3lVY2VhdTBiZzZhND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 250170
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 449ms
448ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=689026392550482&correlator=2194650924458654&eid=31079828%2C31080123&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=421469808%3A22580759626%2Cagario.cafe_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C300x250%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702434244192&lmt=1702434244&adxs=315&adys=65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fobject-lesson.org%2F&vis=1&psz=1440x1923&msz=970x-1&fws=4&ohw=970&ga_vid=176019623.1702434243&ga_sid=1702434244&ga_hid=2026232217&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9Yn0h8YxSABSAghkEhkKCnB1YmNpZC5vcmcY1Ir0h8YxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPSJ9IfGMUgAUgIIZBKBAQoIcnRiaG91c2USbHJ0aHJSQkpoU2dDSENwOHdTUU16b0xuUnM1c2k0Qk9GSDl3NVBtV0Nyek8xTEJMcU05Y29wQmY1Vk9DZms5SHBQUXRyRjRQUk5GUS9lUnhSTlFKY3gyWHR4Yjc2b1dEd2cvTHRwbXhyQThNPRi9jPSHxjFIABIZCgp1aWRhcGkuY29tGPWJ9IfGMUgAUgIIZBIUCgVvcGVueBj0ifSHxjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJWM9IfGMUgAUgIIag..&dlt=1702434242648&idt=1154&prev_scp=CDT%3Dno%26richmedia%3Dno%26GS%3DNo%26update_id%3D7.0%252012%252F12%252F23%252011%253A52%252065783b7de8ce9%26FC%3D1%26OS%3DOther%26Conc%3DNo%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.09%26hb_adid_appnexus%3D9dd9981c344812%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.09%26hb_adid%3D9dd9981c344812%26hb_bidder%3Dappnexus&adks=2515300683&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff82fcb219c32ff6356e13836b80e241788ee546d5b4422039a976f86b46bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10287
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://object-lesson.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 171ms
86ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe7de3cc7aa24cf945fc92fd0342dd2e86677a765768f55ef544c9b97da478d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12062
x-xss-protection: 0

GET
H2 200 container.html Show response
4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EA5 6 KB
3 KB 167ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:04 GMT
expires: Thu, 12 Dec 2024 02:24:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 3FA8 12 KB
5 KB 77ms
77ms Document
text/html 172.64.144.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac93ce412cb8b3ae0e0c249c23659700b1095048333afd8f8ad62325f3af53

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 834abfaadce94504-TXL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 02:24:04 GMT
expires: 0
last-modified: Tue, 12 Dec 2023 11:25:00 GMT
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame F167 0
0 40ms
39ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1702434243951

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5A58 281 B
555 B 153ms
46ms Document
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Dec 2023 02:24:04 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B929 52 KB
17 KB 197ms
49ms Document
text/html 2.19.104.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-211.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 13 Dec 2023 02:24:04 GMT
ETag: "623de86a-cf34"
Expires: Thu, 14 Dec 2023 02:24:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3FA8 20 KB
7 KB 161ms
75ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://elb.the-ozone-project.com/
Origin: https://elb.the-ozone-project.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 834abfabf96630d6-FRA

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 3FA8 9 KB
2 KB 77ms
77ms XHR
text/plain 172.64.144.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce3042356b2a5a3608316a32c376d5d10c95b6c2c67be3cc7f87c416a380a96

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 834abfab6d544504-TXL
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 02:24:04 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9F9B 0
167 B 141ms
48ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 13 Dec 2023 02:24:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5A58 46 KB
13 KB 47ms
47ms Script
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 76070df611804934210bcda9d3437432186cf0729e5eb8e7e4a41b91e67af0a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 02:24:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Dec 2023 16:52:50 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52051
Connection: keep-alive
Content-Length: 13232
Expires: Wed, 13 Dec 2023 16:51:35 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame E967 0
0 490ms
156ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP018 /
Resource Hash

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
server: 33XP018
x-33x-status: 2000208

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B929 0
594 B 39ms
39ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
an-x-request-uuid: 0a050a69-2364-4d07-bb14-633afc6b4847
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 5A58 7 B
380 B 200ms
40ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 74C1 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 19:59:49 GMT
expires: Wed, 11 Dec 2024 19:59:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 699D 829 B
1 KB 136ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8f9acdc29aa23379bd700df2d4acb2fa10bd2f022685f1a9295bd6394b6b673

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NtRqpQcBuZazAt5n_c3EJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NtRqpQcBuZazAt5n_c3EJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:04 GMT
expires: Wed, 13 Dec 2023 02:24:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A74 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1r100yi8pmbig/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://object-lesson.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:04 GMT
expires: Thu, 12 Dec 2024 02:24:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 74C1 39 KB
15 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 114F 624 B
826 B 167ms
80ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXmmh5RDDeuTVUQ8pdzq0yktmRPf8wkJvb9uGyMXas7Mbzz4VZU98_5BZ-JY-KeLdpsuLOYe-qWjnr8jy00mpvwR0PpO0jrgcDUHG0Qr2kcS3My_eaLvuyARs27b610vIxukVeWMU9WpUhx8U_zreFZ1bFbC7GqLg6wURq1cr3PXceyKD3GidSgjPMC1jPgO8hwdyTqLiGpGJYuDIlMWjH9CG2cxw

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:04 GMT
expires: Wed, 13 Dec 2023 02:24:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9A74 89 KB
31 KB 155ms
140ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 02:24:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A74 42 B
63 B 87ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXIvxJxWklPpkp4xSOyP0fyQ2VPihYV3HwuFVhzO5BWvle3LIggFCAGCsPr76lJ8CeWoWb1avt1H1JSK1U-vG9ou6GdzGehiiIq0JrIzkY9CvhnoA

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9A74 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9A74 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A74 203 KB
65 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 02:24:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 699D 0
0 82ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=689026392550482&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 74C1 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Px9MVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 114F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1

43 B
341 B

53ms
53ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXmmh5RDDeuTVUQ8pdzq0yktmRPf8wkJvb9uGyMXas7Mbzz4VZU98_5BZ-JY-KeLdpsuLOYe-qWjnr8jy00mpvwR0PpO0jrgcDUHG0Qr2kcS3My_eaLvuyARs27b610vIxukVeWMU9WpUhx8U_zreFZ1bFbC7GqLg6wURq1cr3PXceyKD3GidSgjPMC1jPgO8hwdyTqLiGpGJYuDIlMWjH9CG2cxw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmpudzaF%2Bv0ZsZc4ya0xD0NsFpKyQSzO4YF%2BwrJ35OxMhElFUOOlRXRkpmw9vVxoqYhUKeUTu44cemSJ5pU7ZapP%2BQxtbP8W%2B6fF6PgxOL388mYlrN56NmBZDGyWJ376YJNuIvzYwpSHUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834abfafddc758d8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 114F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXkVxZypt1S0nqZE0--IbwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1

43 B
775 B

57ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXmmh5RDDeuTVUQ8pdzq0yktmRPf8wkJvb9uGyMXas7Mbzz4VZU98_5BZ-JY-KeLdpsuLOYe-qWjnr8jy00mpvwR0PpO0jrgcDUHG0Qr2kcS3My_eaLvuyARs27b610vIxukVeWMU9WpUhx8U_zreFZ1bFbC7GqLg6wURq1cr3PXceyKD3GidSgjPMC1jPgO8hwdyTqLiGpGJYuDIlMWjH9CG2cxw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joYORtqKQqFjE0KV%2Fa9j6rQq6OjrcF9Sf2RUNLhVD%2F%2BnTiQkfDJ0%2Fx3y4TbllUVAHeFXbNSe7ZpQ14Pj2JVJOqiH4lqNfyDlQO%2Bm0l4Sq6qqlNJ550PYe2NdS3ZcR7Dln%2BZHCop8kzu%2FZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834abfb06e3a4510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGL1cBQtvBTFl9DVEMW8sQ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 114F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECkz8wG1zwugwIri8203sF8&google_cver=1

43 B
841 B

39ms
39ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECkz8wG1zwugwIri8203sF8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXmmh5RDDeuTVUQ8pdzq0yktmRPf8wkJvb9uGyMXas7Mbzz4VZU98_5BZ-JY-KeLdpsuLOYe-qWjnr8jy00mpvwR0PpO0jrgcDUHG0Qr2kcS3My_eaLvuyARs27b610vIxukVeWMU9WpUhx8U_zreFZ1bFbC7GqLg6wURq1cr3PXceyKD3GidSgjPMC1jPgO8hwdyTqLiGpGJYuDIlMWjH9CG2cxw

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
an-x-request-uuid: fb9afb20-8502-4cfc-9e10-946b0d8af869
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECkz8wG1zwugwIri8203sF8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 114F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI5Mzk4ODg4ODIyMjIwNDMyNw%3D%3D

170 B
243 B

101ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI5Mzk4ODg4ODIyMjIwNDMyNw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
an-x-request-uuid: 94ad7e14-4e99-48ee-a74b-4c9fe28d57da
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI5Mzk4ODg4ODIyMjIwNDMyNw%3D%3D
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 rum Show response
elb.the-ozone-project.com/cdn-cgi/ Frame 3FA8 0
137 B 30ms
30ms XHR
text/plain 172.64.144.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elb.the-ozone-project.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&publisherId=OZONEAIP0001&siteId=1500000135&cb=1702434243975&bidder=ozone
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Wed, 13 Dec 2023 02:24:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://elb.the-ozone-project.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 834abfaeffdc4504-TXL

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A74 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8277734553144&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A74 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8277734553144&version=m202309260101&ct=76&x=1&cor=7775790040503099000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A74 104 KB
40 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6VxqWiJk18Ayb0Zp-SRpYAwHg-AJD6RggCzLomKVHJS6jhVmMQlXQip9hCmvhRH970cXaU7pd1nxmOd6I2k-OMQsXwK7Cn1N-LWjo-vmgr6pGqgNlFJ5HL1XkMFCXifRfVl08Bk9DCxEsQWbLuJJW0vcwj8W8TC04K2VGo58JkrUJSS8&dbm_d=AKAmf-BlA2mGU3j7fbm2sJOvrZL1eZUtDe3cAwiUnjORir5_OscnHowUJ17Bv68Q08Pco8u3Y10iUH-qqn4lgIPXwuBiW4dsQZ9aa7dCRo02BEfTG-kPBDGXfekaW5hixMvqROo_H7uhAzwFjTb0yjcdUyyIX3dpbXqZOZE9vjdCZLt7N37hNnMu9DQ5FWYfsXQFDfWk1gWr9xVSKmStdN9ET2pS4iTmxzAKfTXLS_xb9ldOv8QTpPRpX7q2Tp2JGV-nNTXiwDsk1zWzSlU-w48-8Bb8Hlxe_Pm_eN2UcjBDfWrpUQkAUREshOHn-Iceq2a8POQ2BVWzba-BzMJLkqElDn-Su38L7r0iX9swxopvwBKnOm0Goiq1fS4bDGirx_TVejCJBks637vYr1_q2f7CQv58Fks4Ia4O6I5H5ZLA6-Fye_kiFmvHm8OaJjVd0zg6t7dpDDFwQYtNq0AyuAEGcg3Wq9VmcRvFJ0YpygdVoS_YXjBMyXWKWRAOURwlRSSFfmVrRy1M7SOAGIeJFJ7-a9BPSZjCtkQ5AO3lPtIfjcbi_gWH-bpAJlW3k3qprU02FdMFJYGnJ4SRXosc15VoIGk43AXl2ZHTqv4eIbkFaT4Rn1mlDkJ1OxpX-EF7WSshqEcGbG9_XNR1Mw_XTOMkhXkO9dHmTtQTHwwXSJdroyht4-6ywKfQBtWMKNdeLq_57rg32-4Ft7RorVZXQ-1kjIIUorVfsDkhk5euQv_mvq4KMZY3CRgfyndD2slMKUTfEHN2qRq3hWlP7Auj-9gZJT8BrCtdzeyYWhsIv7RSS4kXGMwMzkEl6-aaAfGMfA5mhG9uizunqydDqIpyqbEEQZkThtAxOOfK1R0lklJT4JtEBsz11u1-SQZJEPSGWxdSluv4-JyIIXZJEqIqol9qMrU4XaoyezWndBo4eZzTvo-moj-7_FPUDxnSBqo_P8kzSyfQQNOhOcHnsNvrU9C022CfbhcgcFTLdGMyiOOUqkOEUMdPltuU-ZkzpZvtIHFSwZkDLFvxhNjl6W_j0G4IKtcDjLPBvlXwkO6wtvxEnXoDAAvwrWedaja9Pnuzo2rTAM-Rf4rRX6Mgh49sZodTIP_-c-b190Ktxbso3kYfqW9xPzYRkuk1hiIvn7UXse9zV875vX7DqGqOQcZWJ_Rev2XJMKTAM57VCw6TyikPEIoUSyqO9s2hFOtIFaHjXXJg0lTwkcfKMLdN6P2PxRY0jzlQ_5FDtAMniBTfuXl0DXafElceGka7iezYBNJz1g_6qPLgk99JKI6jmFw67bLf7XuMm5PHLFEBcFXfzIhghnMpxzT_AT1jHLCPnNFm_I126rMkqzftOUjLDfjDAlTWfuDhoukueAmCmM0pjUOQDrTNsU2HhbqEzMxWYqgwueCQLGAbyVDQu-KKSYgFsbDOpm4AfNaCOGs7HsVHL8hVAxzantcotYaYVF4giu8wR-MZ23fMVdzTQaPoi_z8KJgyFY9PMC-BoLwFdh_Hw3r1NNbsg8G7v84w_dXDHKi38VpmvxKAL3KfczHjnl9CT-8_UvtBFQBsikZAn12oqcapVsmXSJky7jPWuRs08r52CkZWFPbCXfg-T48bpiWYKanS0yh1N_8Sq9sx1gaz7VJBC2a0T-Re4BDqrC4h-uLQRr4i6-0ouRG6vdXGxEsAD3rX8bTqfUPF1aZkjb_np5mPa9OWBMBxJB5zxqt1ry8MtVC7aN3xeCiI_Svm123gr_nbaAC9jBaNdTRIEzDHLWWpsxjVlcoAloqU85V7Nkryz5CfimD2HV46so0Q3TMAXzF7CxrdZEBGTCjfQrlbDSxOr1ldCrymZ5ZK3_BbC_rwylgAnceGnoEsxdQ9FVykYMmv0SatRJ-snkfnfxx6tMznSQarNa9W8h_BeJ55C-46BfAdP1wEy2Jlo_rNtLfKJetBYOeCXPyllnCsPAIWcMh45gUbr9OJju9hIN4Ulo2f8Q2Y2BbgEbiX-4HqqjLr-TH6qncQnm0cATx24P8ZYXKki8f2BbVdNHBY5Ebcmo-EcPmm-ta6KX3VDJ6Zg62GfrNXirtqs6pSPIB1YgXmQSTwm6kkfwOUnA_bDQNAEwl8hsiB9_8TwdQhN9nLRQZQVwKyefNNJUFsq3sjWWwMxCoWNNmKwxz7dUBQApOTXyT8lBYxDgfMWDXl2-PKHDuPgCIFt6CjeNLw8gMmShn5Xjx9_kvQFuMPH6-ESx5NTZtWFiKHexOmZ3UQgYqvdH8Xmd7Iw-R0Eq4-Qip44aQiW6OZybHOHYV06MVUiNr48inC8DNJYxcd-p4qLPI_uwWRjqvF0ncz5J_6Kc_1hLjx8pL9iZ2DCr2SJPbyD1mDWUlNlf8woh_oXV2RXR2K5DjvFvmEKBFUps20fe0sEzIx0uSgSLdFDskDQJ5M_knzSHkfjVzQDjNq9LEQ6DXX-hKE-Xi50eVqapt0WVOoYf4KQUfdJytMyg522hI9TGAgs_lEcPKAVIHOP5biNkS2QLA41YsZ676Ui2aS3z9_fxWepQ5mKiD0YKu8fyH4jW_Wz7uMWA2u8JHGAD7nyPxhnwf5kTk7DIj8BO3jQ5TRUoUGGRu3QFznZEuS8Qfk73i6eb__0wXQoJXH7CQSSXNT9ebljG1SG6rWK7lPpl9cijzYFWjp2k-IAz5HLTXXOlIbowLqUqBiElvv_XsEwJ-CxLub4hDVwGFcrWlH6xXze__KVMzWoGn-A4sqKGh52z4N7_XCr0RxZ-KwSUnP-UlJBz7N7R5NC8KB4MrPkqpDR9kWSAxT9Grf7sg_ovcrnayACqbNod0K_I604TQStMt1UcRd-cm3GGnL6asAWmWP1Nyf_Xt_5zJE2wIDzC1W6nkr7qMjLKP7q8cICrB6Ph19ZGfRZuhWqZFfWLMevzExMOnzCC5rYqljnnundJdw1WC0Tj9U17kX6pJ8k7BfqcMrnnacr0SVkh0bC5RJg5eHKI9WlDRojlUhqqJgaucMI-C-PdiEpQlRPb6NISzuUV2xOBN_aQbb_1SxJYq3ldrlEgC6TVFe9a-ZJBBzi1iwfes_gSe0meDTZpMNt1o5bNRh8p5gUHO3-NWSSP4MKSQgGwcv3-C3YypIdlgpRK1xY0MEUAeLToeADapBwfZhx7GmLPWUm5wT6wNNDeKKOaIImCqD-B81O-iXxm_LulQLhFvIeKA6cLqb1YH1uUUkT12JJtNzHBS77f5ZH9UzaGKXlXxqvRy_Kes9-DdprujR8BWGMCTMskUuf7ie90rne_iAjWDs6d07iimjuQg5tEdmXs_w3y0DzqV-KKgUzzjvG3rCFWxg0lHHJcxzq_jmCtUcVluMBUGCXL1fs5fV6VfgyUsLBipa8rEGwQoPvhxc1vR0MQqZOsAHSsTfdwNStedxR3xoYt49ZdvGaM-EyMLIXMA0BqVIe-k3rBkWKtc1vMW8vKirnB79OCB8VmojjP04jWiVRaTk6mfVQKWL1AxZmUXlceT6yFr-kXNeKts5X-0i3bXYRgBsQvReiSCXfj98ayP-XWoU42zkuUfkA6p-IFF-KR6pdOKa2stvI_hjbHi4RhdRNpAAl7yF-j-OKaoF7_EBL46QorlbDUbs6J2cNOeTCGXUeJEfOFMJM8EGGJiQ7VFX2efcUYi0DukglW1h0ukAheSTNmrBvc9hmJcFYXggTFwEab0KsAC0ABIXvQOvjn6QiGQ5u6iqo2Ocj2BOaHUi3sN3GsaQOuHEFJjbVpbIbTpDZLF07xbYI6RrsnhYEy54vJvICSq_Tij4leoOfhLTtBxD9OJRb4YLnmdi_wXK-UlxEDL23SYHXGCBOi-2172vFGi6U1nP3A9Ktl5tlXMnRmuKYbclZ6Q-_NHv_kQoJcL26V0_NXoMY0lNm-9OcKaY53yVFfwuf90DZGSEQkxuGn1XtTFRsjt1_DdF8wiDSstqWozLZ5VRdQmJkvrN77FCV_HanO9lWHjn8qh8ieloln8pDijn_mU4cw&cid=CAQSTgDICaaNVdXeEDXPA4jSBWghhcoRhlXnMHYjTRfoB7dP7bzIF3BQTlx8yZLRJ3i1fgtZwX_iEcEh3tT2WG2KnSsdDPVFd99cQG511k_vERgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fobject-lesson.org%2F&ds=l&xdt=1&iif=1&cor=7775790040503099000&adk=3944675603&idt=172&cac=0&dtd=23

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af484671b8226d18a72d6851a9657da04f40994e0ce23dbad38087b72749d74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9A74 172 KB
61 KB 151ms
39ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
Origin: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 9A74 11 KB
4 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9A74 31 KB
12 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A74 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 9A74 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 505436b9e9ace9e5c085a83a21c86e254d85beb9fe86cab82fa92a55b8dcbe41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 08B2 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:13:27 GMT
expires: Wed, 11 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 08B2 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B2 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsFcixRV5ZZlxjaT27w_v74iwCQAAAAA4AeAEAg&bg=!S0ilSAfNAAY3kmNgF5I7ADQBe5WfOEmnpzENMeBnFKu-_l5Jw7GdkBeByx0vFmXhQwON432rYNsa_l0vrsSU_F24GeceAgAAAChSAAAAAWgBB5kDResX93Tp3dsZOwXV8ddzoSKcurGIQa2hp1RkrBseVUXaF2XLgvDSboLMA3S5q31wXBPb6x7oO7sugy-TK4z630PrCfukDDnDHQGrp9cE1dC6avHlule3MPyuUF5nJwxoLlemDbtfAjTD855ndl_hOnSq8hL0KSg1wqWKLSxVR6tvBAPDk05G-V0uUVbLQOzkVrpXJQBrWnqaFxKobPqWpL5tC9rC5_82rW2R6qohc9w56xF7BTOKjwgjmcF26y0WmlT0zbV-JF-qgFB5LUKiOyKosa6a2Xj2ao1NMkI5wZpHUn4EKQPSoKhADw9FhcXmKQA_1kt5ZZ3IPrK7ttp0rcu_0hb7spM9hu9ixQCX8zv5CqLQf9fTXUxuF9MXVaVb4F6jKekWWKOOp5NUaRnWJ_A-8dRRnxSm8lLkloIDIqV9K0ilj4bTJc7jAAzWBXf-YxOqXJUXNiOx0exn41pcaLj_pWG5l1uQ8Cw-IYTq-iysgf6bmNmfrbBAbWrDJEZy6HOkm-7dEbBGRa2lJ2Chd2xB26OiJfXmd2wWjJaqOOGwdrcQksuxUS1RYJVictTnzdWJouSsof6-0mBehJvyqE8O7NAU7Fp6qccyOKKX9AcLLuJz-PNtRcrVOoUK4SweDIY-byJ_1-cg-6WJSInNF6lwNs3lGLajOK5n-tfAXWk_nelenO0_H_LtgFFqZK5PjKp0LnDDqJv1Pecvy-Z1iiNkWr0KdbYgbN_Tt0PiBUE7PD7rLDS1RZpwnpFhP1sAb_quZD4Dwl21Lp-vfXsm3jxtyUiGZcfsJaB9mNhaejNnoAWyuWe-5fmsNSP5v8SqOK0-N8_EXYFKik72vR74_swan8Gx93J1xnjGHx9xKreKto-aXX-0ZBm-iO93z_q-81p0T8fZjVTVMvPp7R27GSxTl-V16cP2Dy1ydxfp2VDB7Il1VHxJaW7h5YHStpvz9WS_kORARQ0TPbB6LrS-wRfZGg53Y3tTPM6nm46gLPjeN68BohECM1X4rJHoImyKd88OSL0lUtdZrTTqjPIefd-1HI5zCBabPqelaJQS5ls2mjVPBjs7jtuU2teGbRUGCUfrLYyQryqYF61Ny6LZbZkHsbi-6g

Requested by

Host: 4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
URL: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11373257365214757226/ Frame CFCD 673 B
436 B 128ms
48ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4ef2d6f2ff37b033705dc9279aab372d596ccb7e5ccadc245d14cd0ed9db434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 408
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 02:24:05 GMT
expires: Thu, 12 Dec 2024 02:24:05 GMT
last-modified: Fri, 01 Sep 2023 16:26:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A74 0
0 188ms
86ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSR3eydAbQSpXiPqRle-kMN9Oy3HI5G_tBZJHpuwtcMFA0ELEq95j-vApMyJzAgZ5ziMftrdAq93KVh2DSaJK3X_xuUprQxHJpMNH1upXYXDl3p_j0tVMXAy2EiOmcArfmmU6Vl4-0-Oi3oC8LCB7EFdTrkEbThEfHVJFITt6RkrOrZbWLhi-z1NAmNvnCHgUUBJh12BgR-cjFC2T67TKp3QanGBKkw35kVCKDHRqofU498FQj75HoLJwA8W2VBNQfr6gxwVCRVYF9Fgfl2U7X3BFsp9G1ANDUKC9ieChrJ9AdsHGusBPVChk-pN5ofWZQaFojhEcol0ufzVFA9Plhi9asXZgIp3UE-ZrNEZf3vw__SArPq0_i_0ZuXCYrqbGEYU1Pz8pEWmh8JltJ_2zlx8vLPJ6S8ySiIeTrMzRqgah0a_klzLC383iX-czSGhMZdTBAvaMCKC1vc2AaHvviLMnNevicR-LnhlBzSyz2cmQVXCfkKpAwUxd53nVTL2e77lFyf6mGNDHsK8wYuFd-oblJXcG8rnlPbQT0CnvUS6nDRRB5EogdhFPXK3UEu8auGlzvH9yt0cLbvhRXXOojdOoo3Z3tUPYVLGm4n6VntmLgEKyWu0z6rPIMMLXbNPJUDqThE1twBil3kew2rBqRuYCHZc2tIDF5ao60ujfLkk7W6Dt4o7i2VPW2eZOv5_LYHhIuzsdHmsGUAUaFX8r8FYj5fBMfcuNBSbbUMW_HwxQvR8r7zm1EsIdQkF23QQbabNn6vVRrttVgxp6VsMf4zh9_KBUilmPOTSWvBPcy4R5qAGaDUvQx7UVPISjTbzphwO_bUqou8Aq3HUKP3AWt_QN-lOzypIfFclwFfNAYC5rYBhwkcEwLGp6I6MKhcgKP_uE6K8SzN-BvO_Q1M3cd1de1ChkTt6STr6MMLkEv3iekZvbBaNRFrg0tJ5GAn91x-PpmsP2Ut6xSuWpFBRMuqpNCpdZsLwpPh7VmsdIk--N_rAFJLuizqrCOJOH6v2_674vtiotzjqwUknpDttxvcUyTJEv3BsfgSVYLELN_VE9pDyQzNG4r4NY5CyQ-AwDmDpJZip0Mlf3NrG0EhW-fC6BA3nOoMfr5pecMViUws4puoooOfHqUm4uVEdqW2ZbQEBUVxaCv8bQ7wQ58afoSTc-87wyf0ALlTh7FheYoTvgM3Kb3v1q-LuFdg4l8fZPdXPUuFu9nvsjGe6CKDeA4DGjvmpzenLUnCG-trY1SixcFlhLHk8Y-rqM55G05o_MuKAoSYtXXfOhUACNvJTTSCKCOTJsNFVYLMwQ8KS7deIHHr5ggMLoXL1tYO4BAZpFW5B3k96gT3_qd64E7oKvE5_iE-cdfOhPsgWhj2Nn5Id_zg-DdYqxr8dpcO9_pZA6Eytnmq7woxcF82KloIMdyLhIMopGIlZxEjVPc_-MUPgJLYMbOM1rdpeayLAmCKhZDPA&sai=AMfl-YTrgHi0CHQqz_s-e7ER_wc3ZBib2R4QkFcOo7iNHLoituLkvsg0-sAcc2zqIaVjT-uPUVvhALsoO-QdKpTs6PloGki8eZRH8SRaIBFTFHjAdM1YwgfCPovf6i6n-yTJITC9bwnSnDC_pQ-RpikwAFA6ASBFiaZvqRsjWqRtW53RsZlDWJPKsPjhsPqjVEHF29CSOMOnBtXqOpT0yi-TuPg9H1oQC4DQesUmRb9kF9QM4BAP8Ro8eYMzBvN4jxK6CyA5XHx2_rmhnWn43WLndS59GQursggU9iAfwQ&sig=Cg0ArKJSzN984Neuvt1LEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=224&cisv=r20231207.41054&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 02:24:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=689026392550482&bg=!wsGlwY7NAAY3kmNgF5I7ADQBe5WfOJPYM-GkkPt6LHWMxllaj_zvpOKakiwVrXYImKLfsEAIgpX2r86UmuJu7hS3jZ_SAgAAADhSAAAAAWgBBwoAD5Pj9F6iubDstFa3PvxBZZkDGwUU_smfEJUXyzgYwXp6EXOkbGe7AN7s2PJk31bzQvKXSA-B0qMWve1nuU8V_m8QXRIKKqMt2beiHC_X8iFjGBMS3Ao9vDg3fg-MQPQwvJ-zKHlljyAY0L8WHgWURFVbYk7JGyjyuNV8KUVYxHGkObMpoAlfF_YXXyQgQvi5_mDsWNRatc8tYzW0pyINpAF2gRpaLrtRozdjLNiXYMlrq5CwuTt15sQRIRarqa0xE3-BrHi_sOZ34pjban5x01Y2fHd0FEJFTsgsdM2-zcHyYfgbYQ720kqgOkucKSSwX_8Qv23aMJjUnFyzd90uFkWrvQ0fwnpi-FADeMcgXbA4JEtXzPDBJItUL1Vd34v_-T8GMcY-WxpnlT6ve6f6B4OqHVcAak1Rdn28qCU46oHc-2hrOfuuZzLO6I-9KtqVxWPisHjchampWV3PRJSazgNGrhLrbpnouw2zVAbSFKeZZbMR-9q2V6_p4YmHBYrmcE57aEjbcTdB3WAqZzZZOEx-cfm9MH17_At0833oIj8w8vo3rx1PKy9t0zGcya0Yyqrv2iWX_pnM95LZzbvt7sXRC97Tp1xT_6uZdFxEwB1sfGg9m5lz1QGbcA_7QWWKYy1H9ci-SwyPFd1mro2dA_68T2AuJfEVni8twa8pzkHDEVbj5k2uj_HT8kx2M_RWVNoQKxdOBQ8RVKONPaoQGvY9KIHO8jReHSg3De1VBbh5-hZi2e94HWEkPd4aKaHMTzmiUGUkoarhMI7M6R8AzmIRd4gjUQ4e5PWFfX6umsxQ--ftoMkNZ3SOiH6jQSdu5rkh8gGheQ0vNmukRX6P0xz8B2yuUu1y-CgvPyoUB_411tKF-W_DLLEggJXa0gF_jj1Ma9XHirlHjDz1qyM6pBMFyAjVx_LPh9LfSCOv39yjabVYjBiG-Zv9K8KMsx6RRgqUyoCUx_BREr59HJqUsY01wDXKBkJlqntQ8aEh3D4-lf61ugFrwV0O8vFhNjAZ_o76QK6BmwlNq9B8NzMdrfDJhTBIkiQHV4iK3GdK6F81robL1ZWUiJcqSedQrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://object-lesson.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame CFCD 120 KB
41 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 12:23:29 GMT

GET
H3 200 template-489be870.js Show response
s0.2mdn.net/sadbundle/11373257365214757226/ Frame CFCD 40 KB
14 KB 58ms
58ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11373257365214757226/template-489be870.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14187
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 05:42:09 GMT

GET
H3 200 index-be1f7599.css
s0.2mdn.net/sadbundle/11373257365214757226/ Frame CFCD 4 KB
1 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11373257365214757226/index-be1f7599.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 18:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115313
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 18:22:12 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B929 0
594 B 40ms
40ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:05 GMT
an-x-request-uuid: c6983d60-8508-4590-b5ae-2ff33d5c9988
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A74 0
0 78ms
78ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSR3eydAbQSpXiPqRle-kMN9Oy3HI5G_tBZJHpuwtcMFA0ELEq95j-vApMyJzAgZ5ziMftrdAq93KVh2DSaJK3X_xuUprQxHJpMNH1upXYXDl3p_j0tVMXAy2EiOmcArfmmU6Vl4-0-Oi3oC8LCB7EFdTrkEbThEfHVJFITt6RkrOrZbWLhi-z1NAmNvnCHgUUBJh12BgR-cjFC2T67TKp3QanGBKkw35kVCKDHRqofU498FQj75HoLJwA8W2VBNQfr6gxwVCRVYF9Fgfl2U7X3BFsp9G1ANDUKC9ieChrJ9AdsHGusBPVChk-pN5ofWZQaFojhEcol0ufzVFA9Plhi9asXZgIp3UE-ZrNEZf3vw__SArPq0_i_0ZuXCYrqbGEYU1Pz8pEWmh8JltJ_2zlx8vLPJ6S8ySiIeTrMzRqgah0a_klzLC383iX-czSGhMZdTBAvaMCKC1vc2AaHvviLMnNevicR-LnhlBzSyz2cmQVXCfkKpAwUxd53nVTL2e77lFyf6mGNDHsK8wYuFd-oblJXcG8rnlPbQT0CnvUS6nDRRB5EogdhFPXK3UEu8auGlzvH9yt0cLbvhRXXOojdOoo3Z3tUPYVLGm4n6VntmLgEKyWu0z6rPIMMLXbNPJUDqThE1twBil3kew2rBqRuYCHZc2tIDF5ao60ujfLkk7W6Dt4o7i2VPW2eZOv5_LYHhIuzsdHmsGUAUaFX8r8FYj5fBMfcuNBSbbUMW_HwxQvR8r7zm1EsIdQkF23QQbabNn6vVRrttVgxp6VsMf4zh9_KBUilmPOTSWvBPcy4R5qAGaDUvQx7UVPISjTbzphwO_bUqou8Aq3HUKP3AWt_QN-lOzypIfFclwFfNAYC5rYBhwkcEwLGp6I6MKhcgKP_uE6K8SzN-BvO_Q1M3cd1de1ChkTt6STr6MMLkEv3iekZvbBaNRFrg0tJ5GAn91x-PpmsP2Ut6xSuWpFBRMuqpNCpdZsLwpPh7VmsdIk--N_rAFJLuizqrCOJOH6v2_674vtiotzjqwUknpDttxvcUyTJEv3BsfgSVYLELN_VE9pDyQzNG4r4NY5CyQ-AwDmDpJZip0Mlf3NrG0EhW-fC6BA3nOoMfr5pecMViUws4puoooOfHqUm4uVEdqW2ZbQEBUVxaCv8bQ7wQ58afoSTc-87wyf0ALlTh7FheYoTvgM3Kb3v1q-LuFdg4l8fZPdXPUuFu9nvsjGe6CKDeA4DGjvmpzenLUnCG-trY1SixcFlhLHk8Y-rqM55G05o_MuKAoSYtXXfOhUACNvJTTSCKCOTJsNFVYLMwQ8KS7deIHHr5ggMLoXL1tYO4BAZpFW5B3k96gT3_qd64E7oKvE5_iE-cdfOhPsgWhj2Nn5Id_zg-DdYqxr8dpcO9_pZA6Eytnmq7woxcF82KloIMdyLhIMopGIlZxEjVPc_-MUPgJLYMbOM1rdpeayLAmCKhZDPA&sai=AMfl-YTrgHi0CHQqz_s-e7ER_wc3ZBib2R4QkFcOo7iNHLoituLkvsg0-sAcc2zqIaVjT-uPUVvhALsoO-QdKpTs6PloGki8eZRH8SRaIBFTFHjAdM1YwgfCPovf6i6n-yTJITC9bwnSnDC_pQ-RpikwAFA6ASBFiaZvqRsjWqRtW53RsZlDWJPKsPjhsPqjVEHF29CSOMOnBtXqOpT0yi-TuPg9H1oQC4DQesUmRb9kF9QM4BAP8Ro8eYMzBvN4jxK6CyA5XHx2_rmhnWn43WLndS59GQursggU9iAfwQ&sig=Cg0ArKJSzN984Neuvt1LEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=454&vt=11&dtpt=218&dett=3&cstd=224&cisv=r20231207.41054&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CFCD 8 KB
6 KB 80ms
80ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1ff126ce153b42449a938bbfbb683ba353f1b6cdfd9343afcaccad602f79f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5816
x-xss-protection: 0

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame CFCD 28 KB
28 KB 41ms
41ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:48:43 GMT
x-content-type-options: nosniff
age: 9322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 23:48:43 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame CFCD 2 MB
2 MB 47ms
46ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:12:03 GMT
x-content-type-options: nosniff
age: 54722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 11:12:03 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame CFCD 4 KB
2 KB 53ms
52ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 21:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 21:16:47 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame CFCD 5 KB
2 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:42:23 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame CFCD 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:23:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 12:23:49 GMT

GET
H3 200 congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame CFCD 2 KB
1000 B 55ms
55ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 12:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 12:20:50 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/11373257365214757226/ Frame CFCD 5 KB
2 KB 54ms
54ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11373257365214757226/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:26:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:55:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CFCD 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 02:24:05 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E409 39 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame CFCD 14 KB
14 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11373257365214757226/index-be1f7599.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index-be1f7599.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:16:35 GMT
x-content-type-options: nosniff
age: 450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 02:31:35 GMT

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame CFCD 28 KB
28 KB 39ms
39ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:48:43 GMT
x-content-type-options: nosniff
age: 9322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 23:48:43 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame CFCD 2 MB
2 MB 40ms
40ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 11:12:03 GMT
x-content-type-options: nosniff
age: 54722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 11:12:03 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame CFCD 4 KB
2 KB 41ms
41ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11373257365214757226/index.html?e=69&leftOffset=0&topOffset=0&c=E9CvFvWNks&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 21:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 21:16:47 GMT

GET
H2 200 dc_oe=ChMI2ee1462LgwMVDZL9Bx3vNwKWEAAYACCPzO5cQhMIwZ6H462LgwMViomDBx1mPw6f;dc_eps=AHas8cDD2Lnm6xiEj0YqTRtEZwyNS5wPN5h81cFb1pqzF7QUM4hgPCm3BmeLtkRRdw--0-IfNr3Lwe4;stragg=1;&timestamp=1702434245983;s...
ade.googlesyndication.com/ddm/activity/ Frame 9A74 42 B
401 B 180ms
78ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2ee1462LgwMVDZL9Bx3vNwKWEAAYACCPzO5cQhMIwZ6H462LgwMViomDBx1mPw6f;dc_eps=AHas8cDD2Lnm6xiEj0YqTRtEZwyNS5wPN5h81cFb1pqzF7QUM4hgPCm3BmeLtkRRdw--0-IfNr3Lwe4;stragg=1;&timestamp=1702434245983;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A74 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudhCTZwrdMDu-Nmlz8jC4U1JL1Mn3mywlOkOJtC8y6Il_lUTJAGoo5MC-bpBkmCOQ_DHwPwtpdibamDHx-zxWtaPGlaR4BycchpykMuzOzRWg7_uFkhQWlXBArtAKl1c79s1vSCvrwRgTAv9-g7-UqcdHm&sai=AMfl-YS2UPvre9rl-cLOm0o2oNmnK0b9xPfa77Fq1xB9Yftpd1cch5O7yA1KQM6Ws1q5u30E7bBjA1_xQQ9aM-05bhAPT0Ek_rnBL8_fv5jKTj4hPNlqfGjiBkFvcfwu0jG9aUR6GtGGuaXN6zaknaaz&sig=Cg0ArKJSzL3z2HCW9oWvEAE&cid=CAQSTgDICaaNVdXeEDXPA4jSBWghhcoRhlXnMHYjTRfoB7dP7bzIF3BQTlx8yZLRJ3i1fgtZwX_iEcEh3tT2WG2KnSsdDPVFd99cQG511k_vERgB&id=lidar2&mcvt=1009&p=65,315,315,1285&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2515300683&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702434244691&rpt=460&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: object-lesson.org
URL: https://object-lesson.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A74 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8277734553144&version=m202309260101&ct=76&x=1&cor=7775790040503099000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 02:24:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: country.adinplay-venatus.workers.dev
URL: https://country.adinplay-venatus.workers.dev/

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.object-lesson.org/	1970-01-21 02:29:54	Name: _ga_HB5S6CHE9W Value: GS1.1.1702434242.1.0.1702434242.0.0.0
.object-lesson.org/	1970-01-21 02:29:54	Name: _ga Value: GA1.1.176019623.1702434243
.script.ac/	1970-01-20 16:53:56	Name: __cf_bm Value: gZdB9SOjAR.wWdGzu9NvVV7cn2qdlLepMikmHHhkZjo-1702434243-1-AdZUzyTE07FccaJP652wdLS3ulpjptBbSH+JTWV+kI4OqeyJcfTexuX6T4eQmC1/JIGNpGvvCGKto0ri/17/L6A=
.rubiconproject.com/	1970-01-21 01:39:30	Name: khaos Value: LQ35E5P2-1U-J1PP
.rubiconproject.com/	1970-01-21 01:39:30	Name: audit Value: 1\|naVuGyos1qqXmzwVD2OCswNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w4twqGqrzp/DLk6qo6RvqtVNZQ3alO89wQcjmzNExpCElWZXdQATnN8hkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.the-ozone-project.com/	1970-01-20 16:53:56	Name: __cf_bm Value: m_HnPsBCBZpcLO1ehoJ3K7Njm29RECF_m7rI3PZ1mSk-1702434243-1-AUzj0z9KHZcKgp5Ojsy3jeFafycQQrQbjFwFlkiXt28MptiAl/Vhnd/+KmkM9HlimcI6DSyMflJKJhSXBKmahdA=
.criteo.com/	1970-01-21 02:15:30	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:15:30	Name: uid Value: 9545aa30-3a1a-4760-aad1-4d3fdd431cfa
.adnxs.com/	1970-01-20 19:03:30	Name: icu Value: ChgIzYVEEAoYASABKAEwxKvkqwY4AUABSAEQxKvkqwYYAA..
.adnxs.com/	1970-01-20 19:03:30	Name: uuid2 Value: 2293988888222204327
.openx.net/	1970-01-21 01:39:30	Name: i Value: 5a5ca557-e740-4f51-8e60-3a10f8dbd90a\|1702434244
.object-lesson.org/	1970-01-21 02:15:30	Name: cto_bundle Value: G9SYK19HdktvNDElMkJVcXpaZG1ZS3ZGN0dWN2ZGeUxONXBMYmFNQ0ViJTJCY2MlMkZ4WWM2ME1rYlBtOE40TlZ4NjglMkZ4ODduSTF1NFdtdms4Z1BIVlFjNk1mZHVxb1lORldodlk5QW1DaDNUVGZDakh0ckElMkJHR3AzRlFPWFpRMHF2VEFTcGlldk1MdW9odVF5N1RGbHclMkZ1RzlTbm8zUHdmaXl2Z0syTSUyQjY2N1glMkJ2WVZxZHdFJTNE
.the-ozone-project.com/	1970-01-20 19:03:30	Name: ozone_uid Value: 2ZT7WBKDDhH74JBeKJqxcQDmCiq
.object-lesson.org/	1970-01-21 02:15:30	Name: __gads Value: ID=3eb15ab568a36063:T=1702434244:RT=1702434244:S=ALNI_Mb4-3nd8pzu3HITdCNhc8KQdz8FUg
.object-lesson.org/	1970-01-21 02:15:30	Name: __gpi Value: UID=00000d191765d32d:T=1702434244:RT=1702434244:S=ALNI_MZBxBt5GPyV0TSdCoRgRntPysjeQw
.doubleclick.net/	1970-01-21 02:15:30	Name: IDE Value: AHWqTUmDgM1WVz_rcqy_MC9vrXNlqo8Y0rBXTVpK_B6utKz7SeESAkMsgdcu26lV
.casalemedia.com/	1970-01-21 01:39:30	Name: CMID Value: ZXkVxZypt1S0nqZE0--IbwAA
.casalemedia.com/	1970-01-20 19:03:30	Name: CMPS Value: 3264
.casalemedia.com/	1970-01-20 19:03:30	Name: CMPRO Value: 3264
.doubleclick.net/	1970-01-20 21:13:06	Name: APC Value: AfxxVi7thpdAmtEEHbBTH_3-9zKBbEC6ZQ32MwFXF8o-3-u4WMudxw
.adnxs.com/	1970-01-20 19:03:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQwT[m#!@wnfH8K6pQK`!5=E<L5?%KBbC9q)m9@tq4vmaR1.C(Wcuw'E9O'r0egtKbpRzqF1`b`@X9W]y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4bcd123ef94f2a8982f448db20d3b96e.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ade.googlesyndication.com
api.adinplay.com
api.btloader.com
bcp.crwdcntrl.net
btloader.com
cadmus.script.ac
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
country.adinplay-venatus.workers.dev
dsum-sec.casalemedia.com
elb.the-ozone-project.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.clean.gg
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
maxst.icons8.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
object-lesson.org
onetag-sys.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssc-cms.33across.com
static.cloudflareinsights.com
static.criteo.net
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
country.adinplay-venatus.workers.dev
104.18.36.155
130.211.23.194
142.250.181.226
162.19.138.117
172.217.23.98
172.64.144.78
2.19.104.211
2.19.217.60
2001:4860:4802:34::36
216.58.206.34
216.58.206.38
2600:9000:2250:8c00:a:e047:753:a221
2602:803:c003:200::31
2606:4700:10::6816:4bd8
2606:4700:10::ac43:266a
2606:4700:20::681a:2e8
2606:4700:20::681a:346
2606:4700:20::ac43:4bf1
2606:4700:3035::ac43:8cc6
2606:4700:3037::6815:26ea
2606:4700::6810:3865
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:1691
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2006
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
2a02:6ea0:c700::19
34.102.146.192
34.120.135.53
34.95.69.49
34.96.70.87
35.190.39.111
35.244.159.8
37.252.171.52
51.89.9.254
54.216.91.216
65.9.66.104
67.202.105.21
69.173.144.139
06c08db2560ef122f6fd4a753de0c0f81976bb4c107c543ee0a40299f729cdb1
0713adb0392ce6dcf82357b62027b0e9caae4b4f6f657aeaf7b70536943d2044
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
1a19ec914b57f811881dc2b78fc0b6516f00b5deb10e937ad75ef14a29b4a157
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1f1ff126ce153b42449a938bbfbb683ba353f1b6cdfd9343afcaccad602f79f5
1fe7de3cc7aa24cf945fc92fd0342dd2e86677a765768f55ef544c9b97da478d
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2854f1442839ab6fb3c09e8f9372d4512ddfb1d56aeac6c3658c8e281c4089ad
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41100eef750fe9c683094fc8402c1e1cac61055b13390a3c1f1947f328095028
43256acda621aed6c70e89cbe07bb8fb0507a26322ba749c9e0a8b2a1ece45c6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
505436b9e9ace9e5c085a83a21c86e254d85beb9fe86cab82fa92a55b8dcbe41
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54e2780ee4f74cfad2ad06a6fabf5d8a53583cf4cfbff5847bec7b16243120ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5ee57c32e47799b9b63159b203c44f7384e6c67bfa77623f72af90fdd0d57b4f
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6ce3042356b2a5a3608316a32c376d5d10c95b6c2c67be3cc7f87c416a380a96
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
76070df611804934210bcda9d3437432186cf0729e5eb8e7e4a41b91e67af0a3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81ee54ee7f027955a1eea20e7c6e6cc8e6993bda807a284c4482d5d1cf2e9896
87dca0be0e5fdf9c3203a21396c9a1403c97d2a3c7097f70cebbe2d673743d82
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
9199b41208eac8f4ef94510e8f0fce8b0fad4c9e7cb62b8f75205b9fce5892aa
92ac93ce412cb8b3ae0e0c249c23659700b1095048333afd8f8ad62325f3af53
9aba06edc588dd8f21418377916a4461ed698e7e6114dac354d3586028be54d9
9ec0e3d252ae073496068fdd8f0210ce555babd0effc705294a7be37d23cfc3e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff82fcb219c32ff6356e13836b80e241788ee546d5b4422039a976f86b46bcc
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
af484671b8226d18a72d6851a9657da04f40994e0ce23dbad38087b72749d74f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef2d6f2ff37b033705dc9279aab372d596ccb7e5ccadc245d14cd0ed9db434
b8f9acdc29aa23379bd700df2d4acb2fa10bd2f022685f1a9295bd6394b6b673
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
beb19a8039b49d8e37578e086e7c821c49e1a760b5af66ffedcbe2214323e874
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c49ceb3787f491722be69f866a471f3600271403706e4354c3b46f27a884f312
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d051d1f813bc205095514d9054dfe108093e6679fee2ba36bc312111f1c97cd0
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecf14e41331fdcc22ceb5c5bb59599db799c8b7d282207f7a092d101e18f68b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0

object-lesson.org Open in urlscan Pro 2606:4700:3037::6815:26ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

94 %HTTPS

57 %IPv6

36 Domains

52 Subdomains

51 IPs

8 Countries

6737 kBTransfer

9077 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

object-lesson.org Open in urlscan Pro
2606:4700:3037::6815:26ea Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

94 %
HTTPS

57 %
IPv6

36
Domains

52
Subdomains

51
IPs

8
Countries

6737 kB
Transfer

9077 kB
Size

21
Cookies

112 HTTP transactions
1 data transactions