posthereads.com Open in urlscan Pro
2606:4700:3036::ac43:c805 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://posthereads.com/588/posts/3/27/800143.html
Submission: On January 27 via manual (January 27th 2021, 4:59:38 pm UTC) from IN

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3036::ac43:c805, located in United States and belongs to CLOUDFLARENET, US. The main domain is posthereads.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2020. Valid for: a year.

This is the only time posthereads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3036::ac43:c805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.186.67 2.16.186.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	92.123.77.50 92.123.77.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	104.76.200.23 104.76.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.79.89.133 104.79.89.133	16625 (AKAMAI-AS) (AKAMAI-AS)
7	100.24.200.179 100.24.200.179	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:42d... 2600:1f18:42df:3a00:e8b1:a0ff:a34c:ada	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
72	17

8 2606:4700:3036::ac43:c805 (United States)

ASN13335 (CLOUDFLARENET, US)

posthereads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.67 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-67.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.77.50 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-77-50.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.76.200.23 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.133 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 100.24.200.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-200-179.compute-1.amazonaws.com

dt.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:42df:3a00:e8b1:a0ff:a34c:ada (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com 2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com tpc.googlesyndication.com	159 KB
10	media.net contextual.media.net lg3.media.net hblg.media.net navvy.media.net Failed	54 KB
9	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	113 KB
8	clnmde.com dt.clnmde.com dt6.clnmde.com	3 KB
8	posthereads.com posthereads.com	47 KB
4	addthis.com s7.addthis.com m.addthis.com	115 KB
3	googletagservices.com www.googletagservices.com	75 KB
3	akamaihd.net qsearch-a.akamaihd.net pxlclnmdecom-a.akamaihd.net	172 KB
2	google.com adservice.google.com	2 KB
2	google.de adservice.google.de	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	addthisedge.com v1.addthisedge.com	207 B
1	moatads.com z.moatads.com	1 KB
1	googleadservices.com partner.googleadservices.com	644 B
1	googletagmanager.com www.googletagmanager.com	39 KB
72	15

	Domain	Requested by
8	posthereads.com	posthereads.com
7	dt.clnmde.com	pxlclnmdecom-a.akamaihd.net posthereads.com
7	pagead2.googlesyndication.com	posthereads.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
4	lg3.media.net	posthereads.com contextual.media.net
4	contextual.media.net	qsearch-a.akamaihd.net
3	www.googletagservices.com	pagead2.googlesyndication.com posthereads.com securepubads.g.doubleclick.net
3	s7.addthis.com	posthereads.com s7.addthis.com
2	hblg.media.net
2	2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	pxlclnmdecom-a.akamaihd.net	qsearch-a.akamaihd.net pxlclnmdecom-a.akamaihd.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	dt6.clnmde.com	posthereads.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	qsearch-a.akamaihd.net	posthereads.com
1	www.googletagmanager.com	posthereads.com
0	navvy.media.net Failed	contextual.media.net
72	25

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
www.isopentoday.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-21` - `2021-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.clnmde.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
dt6.clnmde.com Amazon	`2020-04-27` - `2021-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://posthereads.com/588/posts/3/27/800143.html
Frame ID: 00016CC5EEBC20DCD5775E37B06A7AC3
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html
Frame ID: 54A2637860F8864D8BA29BE3B9C3D169
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&adk=1812271804&adf=3025194257&lmt=1611766760&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&ea=0&flash=0&pra=5&wgl=1&dt=1611766760529&bpp=16&bdt=118&idt=110&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6596166171784&frm=20&pv=2&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131
Frame ID: CABFD4DFF02935BD3A2F6C7F31D1566B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBDW8L12&prvid=77%2C184%2C188&itype=HB-CM&rtime=5&https=1&usp_status=0&usp_consent=1
Frame ID: D3682E1E2DAC2CFB94FEAF7E1E6CBF55
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F33E6018F05F5FB58587F4E50232C734
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1611766760&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760545&bpp=4&bdt=135&idt=221&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=574&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uYzx9edzOm&p=https%3A//posthereads.com&dtd=228
Frame ID: 6AB00FA0128CB620473EB6C9AFC3CBFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1611766760&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760781&bpp=1&bdt=370&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=490&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AbTfMGpokt&p=https%3A//posthereads.com&dtd=5
Frame ID: EE83F8A8496ADAA533FD6FE38A9C7E03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1611766760&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760550&bpp=1&bdt=139&idt=296&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=299&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GsvBb3mbRM&p=https%3A//posthereads.com&dtd=300
Frame ID: 50222E995EE19FBF8666EEA1350A9DEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=280&slotname=8988879210&adk=4228275942&adf=700804871&pi=t.ma~as.8988879210&w=1003&fwrn=4&fwrnh=100&lmt=1611766760&rafmt=1&psa=0&format=1003x280&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611766760854&bpp=2&bdt=443&idt=2&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=n9rXc166hW&p=https%3A//posthereads.com&dtd=7
Frame ID: FACA8D9CB1256A348EC0846EE8D28AFD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 38A67E6A5CBA0CBB805AE095FAC7DE73
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AC689381AAC970A5F403A4A4D6A213DE
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 9F1043B393FFB22C83DB61CD21B9932E
Requests: 1 HTTP requests in this frame

Frame: https://2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 731083489173B81D92E3C106E014EB3B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 742F42A6D7F4EB7EF6D8FE22DCC6C9D4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4A1D055D2E5F493B28F558F5C5DCA831
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV63415.js
Frame ID: 686856EEF40F8A23AB9D3430BA154888
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

72
Requests

96 %
HTTPS

56 %
IPv6

15
Domains

25
Subdomains

17
IPs

5
Countries

801 kB
Transfer

2262 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/bookmark.php?v=20
Title: Share

Search URL Search Domain Scan URL

URL: https://www.isopentoday.com/listing/flighthub/
Title: FlightHub Airlines Reservations Phone Number

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 800143.html Show response
posthereads.com/588/posts/3/27/ 17 KB
6 KB 86ms
67ms Document
text/html 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: 7fd7275dc464f2371a3aba2782e16d3e72e30c3e9497465f88546bbe8b01058e

Request headers

:method: GET
:authority: posthereads.com
:scheme: https
:path: /588/posts/3/27/800143.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de7d949333d8548fdd962acd57c0e4cde1611766760; expires=Fri, 26-Feb-21 16:59:20 GMT; path=/; domain=.posthereads.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=us42cgern1l1a8q3ulccvbp4jd; path=/ language=en; path=/ theme=xz-adapter; path=/ xzclf_cityid=588; expires=Sun, 28-Mar-2021 16:59:20 GMT; Max-Age=5184000; path=/ hits=%3BA800143; path=/
x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=3600
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 07e6621b930000d711671de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r0fUycYiFjRqxVM31CBofXIvwefPWAPE8rLvPhUUAagp94ZSJE7%2BrGIUEqhNNNRZNJAcUMd2jn4ZYH%2BcYuflWuBA1K02wA5BQxKg62eWOjpjGzHn3MHdTZs0V3s%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6184060c1e2fd711-FRA
content-encoding: br

GET
H2 200 style.css
posthereads.com/ 10 KB
2 KB 13ms
12ms Stylesheet
text/css 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/style.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e334479da0bdea9155d8121e85324fdc48c1e35eea82bad983f1b4ba23d9805d

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 2
etag: W/"286b-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iQ2AzOcxUQ5HCETNtEMnVk6eQL6uP5oA6qE2clgMunKd9I0Lirm%2Fey2cpB0esTU07%2F7IjmUAmTp8F%2FyveEMCY7gpYgH%2BdSTOsz0%2B%2BnnrgK0PZTa9%2FY3jMzsz1B8%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6184060c9f28d711-FRA
cf-request-id: 07e6621bdc0000d71130090000000001

GET
H2 200 pager.css
posthereads.com/ 965 B
601 B 12ms
12ms Stylesheet
text/css 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/pager.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 2
etag: W/"3c5-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iT0OwIJKKE6MQxMrff3O095MDESkD2QrTx6Chxln0p3ogjAZWIhbCpALDtKohaLBS8TxuAjSl7AL4%2FWe6AtYBniw2I7t%2Bm5UF1RQgBFaSO1qcx%2B%2B6MmfumtEEB0%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6184060c9f29d711-FRA
cf-request-id: 07e6621bdc0000d71141356000000001

GET
H2 200 cal.css
posthereads.com/ 474 B
443 B 15ms
14ms Stylesheet
text/css 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/cal.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 1
etag: W/"1da-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qnzNUvPKyiMUo0iQFh%2F1CZtbu5dpHw3Te%2FoC%2B2D0FVROh5tF9z0tabYIufxxMe3JFcicjPHyD5T7YVROLoQG8tBK6OPlNlczUDDpf3oXQJnsDThcvul%2Fzxc7MDA%3D"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6184060c9f2bd711-FRA
cf-request-id: 07e6621bdc0000d71198b92000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164528275-2

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebff2b129de2b87c5172967eb384439de9a8ba412473b3c23ab1c9f3e4abcadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39651
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e410a40fc31979257a3fd481cce8e163bda4c86759f02170e18450cc37bca021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47275
x-xss-protection: 0
server: cafe
etag: 9768879824619220292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H2 200 logo.gif
posthereads.com/images/ 5 KB
5 KB 14ms
13ms Image
image/gif 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/images/logo.gif
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cbbd4894616f50d26f8cb6ecfd64afb7306c07724221ec6c576d17b60ff615

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1
content-length: 4621
cf-request-id: 07e6621bf00000d71148b55000000001
last-modified: Fri, 12 Jun 2020 16:13:24 GMT
server: cloudflare
etag: "120d-5a7e55b4f346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfCl2GPSW0QgbsFCwO9J7zMDOEJy4TrHzyeaYAynUmroNK8tVvZJNYWNTQgmty1F1oVOEvfSJQfKCaM77VrRHuvQXJGrLeni7yBSFo%2BWDryMzB4RafeKkjOvZkU%3D"}],"max_age":604800}
content-type: image/gif
cache-control: public, max-age=7257600
accept-ranges: bytes
cf-ray: 6184060cbf72d711-FRA

GET
H/1.1 200
OK nmedianet.js Show response
qsearch-a.akamaihd.net/ 431 KB
139 KB 164ms
82ms Script
text/javascript 2.16.186.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.67 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3c4f2d3ebb3c99a683a5e07cf859d01052736fb37518cc8ceb852a4993d2e12b

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-MNT-H: 8-13
Content-Encoding: gzip
Server: Apache
ETag: "f8b0a80cc85f15e524a1d0e2777d8ce0"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=300
Date: Wed, 27 Jan 2021 16:59:20 GMT
Connection: keep-alive, Transfer-Encoding
X-MNT-W: 8-9
Transfer-Encoding: chunked
Expires: Wed, 27 Jan 2021 17:04:20 GMT

GET
H2 200 sm-plus.gif
s7.addthis.com/static/btn/ 79 B
294 B 123ms
77ms Image
image/gif 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7.addthis.com/static/btn/sm-plus.gif

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-4f"
content-type: image/gif
cache-control: public, max-age=86313600
date: Wed, 27 Jan 2021 16:59:20 GMT
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 79

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/200/ 353 KB
114 KB 78ms
28ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/200/addthis_widget.js

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 27 Jan 2021 16:59:20 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 captcha.image.php
posthereads.com/ 311 B
947 B 93ms
93ms Image
image/png 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/captcha.image.php?570
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: b15e4357af75b67d3a9f502093bb085a87224b185edd65da4275a86bc4601b6e

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:20 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.3.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uVezGD%2FuxzRZrs%2BUoWa1J6lPyXIrX08qMbSWwvLqM6mDhZ0dioqV2zCsKE6v5BvKEFo6GCimKzhypXvyfJifSntBfzLFsTxlBJ4gQZHeIcTLTGtO%2Fwc5ZBwzqi0%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 6184060cbf75d711-FRA
content-length: 311
cf-request-id: 07e6621bf10000d7113d1b5000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.min.js Show response
posthereads.com/external/client/jquery/ 94 KB
32 KB 24ms
22ms Script
application/javascript 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/external/client/jquery/jquery.min.js
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:16 GMT
server: cloudflare
age: 1
etag: W/"176bb-594aa85eff500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J5ZeC%2BExsQqEM2J1zKq%2BRNxqLYmBg73cUBcd6hoypnVuHb%2B5WGpx1s1Vq0kL5w2YhM%2FB85jOY5OflbFHSzj5MNDLU4w8InPiZPN2qeqjjICcPubkhaXtSovogIQ%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6184060cbf6fd711-FRA
cf-request-id: 07e6621bf00000d7115718c000000001

GET
H2 200 adapter.js Show response
posthereads.com/themes/xz-adapter/scripts/ 2 KB
1 KB 15ms
13ms Script
application/javascript 2606:4700:3036::ac43:c805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/themes/xz-adapter/scripts/adapter.js
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dd4280a00a3000e33dc1e666a01ac230c6eee57900dd38601a7163de3ab37

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 1
etag: W/"9ef-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GwJQpv4K0ONS4e5Lp62gvly8V%2FZ2WhE2pabLH66Y8csLKvWokxYY8t1jWOIu9N3Otz47S3%2FkjQefOYZvhj%2BRHl20xd8MbgoZZtuGMk7%2FHWGJPJvnSaDO69eYCcY%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6184060cbf71d711-FRA
cf-request-id: 07e6621bf00000d7112c3c2000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164528275-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6316
date: Wed, 27 Jan 2021 15:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 27 Jan 2021 17:14:04 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
387 B 42ms
14ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2054227575&t=pageview&_s=1&dl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&ul=en-us&de=UTF-8&dt=FlightHub%20Airlines%20Reservations%20-%20USA%2C%20Other%20Countries%20-%20Post%20Free%20Ads%20%7C%20Place%20Online%20Ads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1695943524&gjid=1227483052&cid=1750200483.1611766761&tid=UA-164528275-2&_gid=697982838.1611766761&_r=1&gtm=2ou1d0&z=243236276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posthereads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/ 224 KB
85 KB 70ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4128bfe983e73d0fbad16a05c02fcf439348ef96badf21b713266dc7eb8cf82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85991
x-xss-protection: 0
server: cafe
etag: 3758934263289044183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/ Frame 54A2 0
0 25ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210121/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210121/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 27 Jan 2021 05:55:04 GMT
expires: Wed, 10 Feb 2021 05:55:04 GMT
content-type: text/html; charset=UTF-8
etag: 1252425945412704235
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
age: 39856
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-164528275-2&cid=1750200483.1611766761&jid=1695943524&gjid=1227483052&_gid=697982838.1611766761&_u=IEBAAUAAAAAAAC~&z=922988854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jan 2021 16:59:20 GMT
content-type: text/plain
access-control-allow-origin: https://posthereads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
644 B 113ms
57ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=posthereads.com&callback=_gfp_s_&client=ca-pub-5950405679604215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

87bc0b20ac96b5f53c0572dbd913bdd5d484a69d5558b04e9c0dc254047e975b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 54ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=posthereads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 49ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=posthereads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame CABF 0
0 98ms
97ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&adk=1812271804&adf=3025194257&lmt=1611766760&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&ea=0&flash=0&pra=5&wgl=1&dt=1611766760529&bpp=16&bdt=118&idt=110&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6596166171784&frm=20&pv=2&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5950405679604215&output=html&adk=1812271804&adf=3025194257&lmt=1611766760&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&ea=0&flash=0&pra=5&wgl=1&dt=1611766760529&bpp=16&bdt=118&idt=110&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6596166171784&frm=20&pv=2&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 16:59:20 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 27-Jan-2021 17:14:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 16:59:20 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 107 KB
33 KB 230ms
145ms Script
text/javascript 92.123.77.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUQEK9ET
Requested by: Host: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.77.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-77-50.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 2c218e9a73baab65ee8d9899d0f0b4fc5f45c980f1af5d5dbff0673b55d2135d

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 27 Jan 2021 16:59:20 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 33694
Expires: Wed, 27 Jan 2021 17:29:20 GMT

GET
H2 200 checksync.php
contextual.media.net/ Frame D368 0
0 321ms
263ms Document
text/html 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBDW8L12&prvid=77%2C184%2C188&itype=HB-CM&rtime=5&https=1&usp_status=0&usp_consent=1

Requested by

Host: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBDW8L12&prvid=77%2C184%2C188&itype=HB-CM&rtime=5&https=1&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 31 Jul 2021 16:59:20 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 29 Jan 2021 16:59:21 GMT
date: Wed, 27 Jan 2021 16:59:21 GMT
content-length: 7586

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 3 KB
2 KB 211ms
164ms Script
text/javascript 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&cid=8HBDW8L12&region=nv&ptrid=8PREB0781&requestString=781748424*4%7C300x250%7C8CUQEK9ET%7C356783917%7C&crid=781748424&sd=1&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&bl=1&rt=5&dn=https://posthereads.com&https=1&act=headerBid&prvReqId=104106383917236231611766760744&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.3784030580464892&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1200%7D&itype=HB-CM&cc=CH&rc=ZH&ct=ZURICH&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid3S0

Requested by

Host: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9ec0d7218fc24f21cfd4e087f3b09c0c16d69f1ae3efe35a279a99f094f9ca71

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 27 Jan 2021 16:59:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1575
x-mnet-hl2: E
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 66 KB
22 KB 809ms
763ms Script
text/javascript 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CUQEK9ET&cpcd=obyAwC15MgbyJ12vZjRcwA%3D%3D&crid=356783917&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&nse=5&vi=1611766760640775630&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&nb=1&cb=window._mNDetails.initAd

Requested by

Host: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e5c95aa95f3b052fdd80a559bd401ac78c3693f5563b414edde979c1e5ec757f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 8-31
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Wed, 27 Jan 2021 16:59:21 GMT
x-mnt-w: 12-24, 12-18
content-length: 22624
expires: Wed, 27 Jan 2021 17:04:21 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F33E 55 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dedd38c32d51c05e8633cc04f918d1a06743e7e8eca8737b7bd3f2047cbba642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "766 / 817 of 1000 / last-modified: 1611749459"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H/1.1 200
OK bping.php
lg3.media.net/ 35 B
322 B 74ms
24ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CUQEK9ET&crid=356783917&vi=1611766760640775630&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886781035&r=1611766760711&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001611766760704031140534834940&gdpr=0&vgd_end=1

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Wed, 27 Jan 2021 16:59:20 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 27 Jan 2021 16:59:20 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6AB0 0
0 184ms
184ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1611766760&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760545&bpp=4&bdt=135&idt=221&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=574&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uYzx9edzOm&p=https%3A//posthereads.com&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1611766760&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760545&bpp=4&bdt=135&idt=221&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=574&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uYzx9edzOm&p=https%3A//posthereads.com&dtd=228
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 16:59:20 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUknJEpA0htKA2QnKa9iPlZk4aLYZbJT-u7YNpUhcA_Jph4P99JjThU-vopc; expires=Mon, 21-Feb-2022 16:59:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 16:59:20 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame EE83 0
0 142ms
141ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1611766760&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760781&bpp=1&bdt=370&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=490&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AbTfMGpokt&p=https%3A//posthereads.com&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1611766760&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760781&bpp=1&bdt=370&idt=1&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=490&ady=740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=AbTfMGpokt&p=https%3A//posthereads.com&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 16:59:20 GMT
server: cafe
content-length: 6101
x-xss-protection: 0
set-cookie: IDE=AHWqTUnCCsVtt2NxCU8MQX5GrHkuqwkp8yq0DdjxMaJZMtEcVkSPzLP_fIoVG7XU; expires=Mon, 21-Feb-2022 16:59:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 16:59:20 GMT
cache-control: private

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 79ms
28ms Script
application/x-javascript 104.79.89.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60334
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5022 0
0 165ms
164ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1611766760&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760550&bpp=1&bdt=139&idt=296&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=299&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GsvBb3mbRM&p=https%3A//posthereads.com&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1611766760&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&wgl=1&dt=1611766760550&bpp=1&bdt=139&idt=296&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=299&ady=297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GsvBb3mbRM&p=https%3A//posthereads.com&dtd=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 16:59:21 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUnHMWbblXKIW6e0HugRPs_Bjlu5vEajRkd0NaOeWyZix2o_XcozPtt-dRXa; expires=Mon, 21-Feb-2022 16:59:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 16:59:21 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FACA 0
0 197ms
196ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=280&slotname=8988879210&adk=4228275942&adf=700804871&pi=t.ma~as.8988879210&w=1003&fwrn=4&fwrnh=100&lmt=1611766760&rafmt=1&psa=0&format=1003x280&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611766760854&bpp=2&bdt=443&idt=2&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=n9rXc166hW&p=https%3A//posthereads.com&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5950405679604215&output=html&h=280&slotname=8988879210&adk=4228275942&adf=700804871&pi=t.ma~as.8988879210&w=1003&fwrn=4&fwrnh=100&lmt=1611766760&rafmt=1&psa=0&format=1003x280&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1611766760854&bpp=2&bdt=443&idt=2&shv=r20210121&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250%2C160x600&nras=1&correlator=6596166171784&frm=20&pv=1&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=2054227575&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=306&ady=1403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=2553551173562170&pem=467&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=n9rXc166hW&p=https%3A//posthereads.com&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Jan 2021 16:59:21 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUnav2QGJZSjpQOvv-8z6_liihlRK3FbWdeqB5tCZua3YwmAjSuSNFcQ_0Fi; expires=Mon, 21-Feb-2022 16:59:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Jan 2021 16:59:21 GMT
cache-control: private

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/4a1806ae49a62752/ 27 B
207 B 58ms
57ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/4a1806ae49a62752/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:20 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=59, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 135ms
133ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=60119be8c1d62a05&bkl=0&bl=1&pdt=92&sid=60119be8c1d62a05&pub=4a1806ae49a62752&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=posthereads.com&fp=588%2Fposts%2F3-Services%2F27-Other%2F800143-FlightHub-Airlines-Reservations.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Post%20Free%20Ads%20Here%2COnline%2Cclassifieds%2Cposts%2Cads%2Cevents%2Cimages%2Cbuy%2Csell%2Ctrade%2Creal%20estate%2Capartments%2Cpersonals%2Ccommunity%20classifieds%2Cxzero%20classifieds%2Ccommunity%20classifieds%2Ccommunity%2Csociety&colc=1611766760884&jsl=1&uvs=60119be81e2e6505000&skipb=1&callback=addthis.cbs.jsonp__263761228392112470
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7b686f6dd6ea99ca7e8467ff3324a46625e941988fce878dd0c0cd54eec2fc71

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:21 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 38A6 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame AC68 0
0 42ms
42ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 27 Jan 2021 16:59:20 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 pubads_impl_2021012101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F33E 274 KB
97 KB 90ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

2291c531324186bbb926f825ec5b79b466e9a74a89ecf67b0ddb15f07c59427c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 09:40:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99003
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:21 GMT

GET
H/1.1 200
OK bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 9F10 0
0 36ms
35ms Document
text/html 92.123.77.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUQEK9ET
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.77.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-77-50.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash

Request headers

Host: pxlclnmdecom-a.akamaihd.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://posthereads.com/588/posts/3/27/800143.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Wed, 27 Jan 2021 17:29:21 GMT
Date: Wed, 27 Jan 2021 16:59:21 GMT
Content-Length: 3752
Connection: keep-alive

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
329 B 379ms
124ms Other
text/html 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUQEK9ET
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 cenw.js Show response
dt.clnmde.com/ 36 B
361 B 376ms
123ms XHR
text/html 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUQEK9ET
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: fe08db00c972c9a22e93a7546fcfdc36197dfbf8b0eda59ddacb5838dc022ca4

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-ClkVJcC+2zjs0ZMPp1KRtg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 ptmdDual
dt6.clnmde.com/ 70 B
331 B 283ms
87ms Image
image/gif 2600:1f18:42df:3a00:e8b1:a0ff:a34c:ada
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%2216117667609833751321821%22%2C%22za%22%3A1%2C%22gcd%22%3A1611766760999%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:42df:3a00:e8b1:a0ff:a34c:ada Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jan 2021 16:59:21 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F33E 109 B
781 B 56ms
42ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=posthereads.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F33E 109 B
781 B 56ms
41ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=posthereads.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F33E 46 KB
16 KB 423ms
390ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2510192581303184&correlator=1925417698516675&output=ldjh&impl=fif&eid=21068773&vrg=2021012101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210127&iu_parts=45361917%2C8CUQEK9ET-356783917-globalclassified_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=crid%3D356783917%26mnet_segment%3D0.03%26mnet_variant%3D426%26pub_domain%3Dposthereads.com%26mnet_cc%3DCH%26mnet_bucketid%3Db2%26mnet_ref_ybn%3D1%26mnet_pid%3D8PRHGG6T9%26fp%3Dqcqr&eri=4&cookie=ID%3Da18d0ffc7428f8de-22db79b7c8b900f2%3AT%3D1611766760%3ART%3D1611766760%3AS%3DALNI_MYmNLGQaD4iZN7bwP_pmjkxjR3yQw&bc=31&abxe=1&dt=1611766761290&dlt=1611766760751&idt=514&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=486&adys=182&adks=3400138230&ucis=3pi1a2w0kcpr&ifi=1&ifk=1511625051&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&top=posthereads.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1750200483.1611766761&ga_sid=1611766761&ga_hid=264311263&ga_fc=true&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9b47f99922d68715b19631adec35396937c283d53a6c845dd2a1286012ae1be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15540
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://posthereads.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F33E 0
0 73ms
14ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F33E 0
0 35ms
20ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 122ms
122ms Image
image/gif 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=16117667609833751321821_N4IgtgniBcDasEYA0AWAHANiQdk0haATKgMyEC65SIA7gI4yxXgQBOjzAxq2AA6MgSAVgy4SATgTYA+gHNeAF2kIQzAIYAbBYwAMzAM4B7GMhCdOACwDWA4aLQSpq6rwCWAE21wQO5yFYApgBmAKqsWgJ++qycYRHeFgoKvPoApCQAgqmEAGLZObyG+goWAYFq7voAdJyGYPlCaGj5hcVpuST5hNj5aDo6CCgkVYlgGn4AbvrSHl6wAHYArhoazBZTM54C-f0IGAhSGKIYOtg6KDokBxdCJOh34hd+nIvFm3MgaADCIQCKAKIAaXE-wAKs9WBMBMAADqCERiSTYOHQWEgBQQXgBFFw7ibOFIOETVz4mBwvYHbBHKk6DAXbDYEQkHQEuHraYeHE+HYUw7HU7nS7XHS3e4oR4skAAXylfnmakYKEIj3EokIdPwdx0aDOEiQt36aHuemo8v0MGV1FcajAumY1vN0DQ1AAHkEYD4MEEEJxle4AEaEX2MogBf0kf19FDewhM7q+V1BLyfEgBDABcTif1BC7+7AoDCEEhBTjCBDF9w6ThCcQ6QjuEDUAIuj0JkD6Woe3lU-nSIQEI3YVUIbooRvt2ru6CmDuGZPd6knPsDlBD-aj6RoQPa7D+hB1zjiAKpoRBIIBdw+wa4C9b3Dj2cKKcz2oKBvQEAL3v9pqr4cbzgq04f1JHLbAgkIIJsAQEtOHAot3BIQ8IPEUUH1fdxnybKwFQ-foSAkM8dAAWhOTgEGIg4w2ItRsHcDBiICct3HzQgdDUIIhCEccAisf0TGoTgpg9NENEMThNGkYpDFYNRZGxMluQI8QiNIqsKKo-0aLohimJIFilXYzihFZdsAn0fRXEMeYpIUGS5IU6A4XwwighIsiNIQajaPoxjmNYoyuNM2pDCsVwAmkdw1AUNQuRclS3LU8jKK8rSfN0-zDI4oLpXHVwoWgHQqiEahimi15GBIVAkAImqUBqkqSCwEhsBq509UtZkkCLfBxGYAAvXDTF4WQPShJt5gKkB+GoWQLC7fY+RpcQHBa-syAIQgVGoBRHU-JUVtOAtY0acdhI-DAqiKlrtpATQYCqkASxgSimwUVwTEWnsaVKhRRsK0qbA-L8aWXX81xHfMeNcfhgbQIQqgQEREcZRHTh4xYhuoRYPoBkAAgmcY4AMDRigWylFx0cR72oDQsJAYlNnJpaTjpU5GQwZlxxeN4PA9b4-iBEFwVmzhPop449nzag6ACASntxwgpSAA
Requested by: Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jan 2021 16:59:21 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F33E 0
0 39ms
39ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=posthereads.com&host=posthereads.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7310 0
0 34ms
20ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 27 Jan 2021 16:59:21 GMT
expires: Thu, 27 Jan 2022 16:59:21 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F33E 74 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:21 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F33E 9 KB
7 KB 61ms
47ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021012101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93106021a77d1d49fe8913c3a768ff06d4b37002a7c167c8979ebd7289443adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6795
x-xss-protection: 0

GET
H/1.1 200
OK rtblog.php
lg3.media.net/ 35 B
322 B 32ms
29ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/rtblog.php?&gdpr=0&vgd_l1rakh=1611766760155960967&vgd_sc=ZH&vgd_hbReqId=T1611761414C8S18U910&vgd_uspa=0&vgd_isiolc=1&l3ch=4&cc=CH&vgd_implt=0&movlimp=0&vgd_dfp_tgt={%22crid%22:%22356783917%22,%22mnet_segment%22:%220.03%22,%22mnet_variant%22:%22426%22,%22pub_domain%22:%22posthereads.com%22,%22mnet_cc%22:%22CH%22,%22mnet_bucketid%22:%22b2%22,%22mnet_ref_ybn%22:1,%22mnet_pid%22:%228PRHGG6T9%22}&vgd_asn=9009&vgd_scr_h=1200&vgd_scr_w=1600&vgd_optout=0&vgd_l2type=setting&vgd_bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.03%7C%7Cogerpm%3D0.03%7C%7Cbm%3D2.04%7C%7Csid%3D6316fd5e40f2228701de655344117835%7C%7Csd%3D1%7C%7Cuid%3D3o7iBwKaaO8D02UP4r%7C%7Cdc2%3D1%7C%7Cbtd%3D168749648060760772603677015425032192%7C%7Cscd%3Dzh%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2263%7C%7Cip%3D3oKfz5%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dzurich%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.02%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D0.03%7C%7Cdc%3D7%7C%7Cgcat%3D-1%7C%7Cogbid%3D0.03%7C%7Ccbdp%3D0.03%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&vgd_is_amp=0&vgd_rensize=300_250&vgd_l2wsip=2886939390&wsip=2886939390&vgd_l1rpth=/nmedianet.js&prid=8PRHGG6T9&cid=8CUQEK9ET&crid=356783917&pid=8PO7E5EE1&size=300x250&vi=1611766760640775630&ugd=4&bdrid=8&subBdr=426&bdrct=0.03&adx=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_crefurl=undefined&vgd_dfpnc=0&vgd_refadx=1&vgd_demp=false&vgd_refcnf={%22a2y%22:{%22afterLoadSecs%22:30,%22afterViewSecs%22:10,%22percentTraffic%22:95,%22ignoreSessionDisable%22:true,%22both%22:false}}&rtbsd=10&bto=0&vgd_opp_id=168101209732983731611766760740&vgd_rt=237&https=1&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&vgd_mseg=0.03&hvsid=00001611766760704031140534834940&gdpr=0&vgd_end=1

Requested by

Host: posthereads.com
URL: https://posthereads.com/588/posts/3/27/800143.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Wed, 27 Jan 2021 16:59:21 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 27 Jan 2021 16:59:21 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F33E 17 KB
6 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:21 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 56ms
33ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210121&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b8db7bfd3e6438c965c25ae2bd244313b6729b2017070e9545ac90840790d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jan 2021 16:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6787
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ 35 B
194 B 34ms
31ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PREB0781&itype=HB-CM&dn=posthereads.com&cid=8HBDW8L12&svr=2021012510_85&servname=hbcm_na&gdpr=0&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001611766760971031140534836023&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=CH&sc=ZH&ct=ZURICH&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=&vw=1600&vh=1200&pht=1490&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=0&prvAccId=&prvApiId=&exid=&pcId=&pseat=&adj1=0&adj0=0&adj2=0&adj3=0&mowxReqId=&crid=781748424&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=168101209732983731611766760740&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&mp_seg%3C%3E=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=227&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=%7C&pvNbr=&pvNbrDtls=&lper=1&patint%3C%3E=&mx_SD=&mx_PC=&mx_SPRIG=&mx_UCC=&mx_GCID=&mx_IAB2=&mx_vsGap=&mx_dgf=&mx_BCN_BF=&mx_bsBucket=&mx_ssProfile=&mx_BCE=&mx_lr=&mx_BCI=&mx_uid_sent=&mx_yhs_enabled=&mx_SC=&mx_BCT=&mx_yhs_target_bidders=&mx_BCN_YHS=&mx_BCW=&mx_bsProfile=&mx_ssBucket=&mx_TAF=&mx_supply_path=&mx_sbp=&mx_yhs_deal_sent=&mx_aqcpl_crid=&mx_yhs_selected_deal=&mx_tgs=&mx_nsz=&mx_TAS=&mx_aurt=&pvid=4&prvAccId=356783917&prvApiId=8CUQEK9ET&exid=31&pcId=&pseat=&adj1=0&adj0=0&adj2=0&adj3=0&mowxReqId=104106383917236231611766760744&crid=781748424&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.03&cbdp=0.03&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&pvAgNm=&pvAgId=&advId=&advNm=&advUrl=unknown&dfpBd=0.03&nms=1&di=&dt=O&epc=356783917&ogbdp=0.03&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.03%7C%7Cogerpm%3D0.03%7C%7Cbm%3D2.04%7C%7Csid%3D6316fd5e40f2228701de655344117835%7C%7Csd%3D1%7C%7Cuid%3D3o7iBwKaaO8D02UP4r%7C%7Cdc2%3D1%7C%7Cbtd%3D168749648060760772603677015425032192%7C%7Cscd%3Dzh%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2263%7C%7Cip%3D3oKfz5%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dzurich%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.02%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D0.03%7C%7Cdc%3D7%7C%7Cgcat%3D-1%7C%7Cogbid%3D0.03%7C%7Ccbdp%3D0.03%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&cmpid=&bId=&pcrid=8CUQEK9ET-356783917-4-6&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CUQEK9ET%26crid%3D356783917%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fposthereads.com%252F588%252Fposts%252F3%252F27%252F800143.html&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=7&ybnca_gbid=&ybnca_erpm=0.03&ybnca_vbid=0.03&yogbdp=0.05&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=87527880810331063_1374854763_781748424141&dStat=0&ogbid=0.05&acid=168101209732983731611766760740&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=25&dtc=nydc&rtbsv2=&mp_seg%3C%3E=&apid=1&wsip=c10-mowx-web-5&ltime=217&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=-1&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=1&mx_GCID=0&mx_IAB2=0&mx_vsGap=&mx_dgf=0&mx_BCN_BF=&mx_bsBucket=0&mx_ssProfile=0&mx_BCE=&mx_lr=0&mx_BCI=&mx_uid_sent=0&mx_yhs_enabled=&mx_SC=0&mx_BCT=&mx_yhs_target_bidders=&mx_BCN_YHS=&mx_BCW=&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=0&mx_supply_path=&mx_sbp=-10&mx_yhs_deal_sent=&mx_aqcpl_crid=0&mx_yhs_selected_deal=&mx_tgs=300x250&mx_nsz=1&mx_TAS=&mx_aurt=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=false&ngFunDl=false&rDl=false&refVisId=&osnbr=&brf=0&iwb=1&toconsider=1&dcs=&auMxTm=&actltime=227&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&pvNbr=&pvNbrDtls=&lper=1&patint=&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&kwrf=&epurl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:22 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 27 Jan 2021 16:59:22 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 30ms
27ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=relog&pid=8PREB0781&itype=HB-CM&dn=posthereads.com&cid=8HBDW8L12&svr=2021012510_85&servname=hbcm_na&gdpr=0&csex=2&suc=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001611766760971031140534836023&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=CH&sc=ZH&ct=ZURICH&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=&vw=1600&vh=1200&pht=1490&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&ffp=0.03&efp=qcqr&mdf=0.03&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CUQEK9ET-356783917-globalclassified_300x250&src=Dynamic&lper=1&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&kwrf=&epurl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-200-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:22 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 27 Jan 2021 16:59:22 GMT

GET
H/1.1 200
OK log
lg3.media.net/ 35 B
371 B 30ms
24ms Image
image/gif 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/log?&logid=kfk&evtid=adPrvLog&otherprov=1&tagsonpage=GO&cid=8CUQEK9ET&crid=356783917&cc=CH&ugd=4&timeTaken=5&vi=1611766760640775630&r=1611766762080

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.35.v20201120) /

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jan 2021 16:59:22 GMT
Server: Jetty(9.4.35.v20201120)
Strict-Transport-Security: max-age=21600
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 27 Jan 2021 16:59:22 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 742F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 27 Jan 2021 16:15:19 GMT
expires: Thu, 27 Jan 2022 16:15:19 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2643
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210121/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 16:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 27 Jan 2021 16:59:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4A1D 0
0 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://posthereads.com/588/posts/3/27/800143.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://posthereads.com/588/posts/3/27/800143.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 27 Jan 2021 16:15:19 GMT
expires: Thu, 27 Jan 2022 16:15:19 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2643
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F33E 0
25 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021012101&jk=2510192581303184&bg=!cHOlczDNAAVwd1e1cDsAKQB2-DxaCsPAQdK96Xn_vRf7jmw7kajP6Xl7_f8kTued46E0DIEGIWwSAgAAAJ5SAAAAEWgBBwoAyENS216c4VulGnfR5pJ30BiZSC-6iUpsgpmEIoe7o8F4NkEMUlyHBO1REIEpDgBJ-Z73jKGRYdzxX5evs5yiCbHLDO9OkGRXsphJxRXAZ6cL0pKrxbEFjm-VWsmd2NFYpU2XjKlpYGPZveAFtE5CwFOLD4EBj4IcoOVCaZ1KhQcT_Wpck8OBq8H3TLOHpPOYh2aCGIcsSDq5IVlEw_1pY4LoIdPK-kSCO4x46qh7MWPhr2zRBBkTGiCLuIAYDJ-fESX2FiO6Aoc0mQHvWl5yUWTPvMzQSKZMOpqaItdhh4PzHa0xxu5dV3qSMDP_Ag-tecpJHbd2Ny4meIrJNOY8zuInbNuhucMZQtQpvYmFl87lg3z1I7j-VaXdQYIrrC17chUYyK69m_VNGhwl83DgHloAJJJuM3nWXbyBRLinu68tEeoN0E5NYsyN-Gsnkce41eN5hAjNXlkdJ4mbEOa5p_g-oEF_o0O9kvYkhWSh3zPgZvoybkKuao60_9pnecsx-EaKDtvQst3U-APK8EfaiwyKjmpsXmL_joLtosdH7x01BCTCVUzLcYI86Lg2_oqdHCG_AF9AHdCfqkr9Yo2bO9ROZmBW-f3BDdQt-C_gvb4ZCLWRyjRd8COqu8YilkM5lTZWLSEPygh4CL54gb0vB9d8c4GA0n62W5dFs-SoHlYcBCcP-i-A-LdogoxNOjz8UmPMr8UntnGv-8qBb9Xux7bsq7Ba2r9jmi6GBwqULAKYyKj-93pYU8CijNXuEC9mB5vWcyPyCKsjarMbB0KV2UVCaZqQ5f6GlGDEIwOBY1J5fsmlugly2mmuMYjr8-HNLrfwH8zyrQaXkqfk06QyBqVvFEQNHrLU1e7hSEpRIjOJ2F70_BUI4wV8ruec46iMyTsOipr2LChqhM2yx-_FahTAAavTaBzn3YzB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210121&jk=2553551173562170&bg=!gIOlg8DNAAXyQKAs8jsAKQB2-DxabGapniunYNFZqPhMB8sqvK9A3sSwQQest9GeSDKXzBCKxjxjAgAAAP1SAAAAH2gBBwoBMOhM4QEn-w3uxv1N7FDLOnfdjEVF11Z6dzIhPYUylkbkygjc76Eb_jDJOdOqweUraIExS4gWdd0t8q4iHoXfZ_Vi3DEEEVkw4KH2zAnal50rBw2n6Z2IydQCtVOGRgl4cXGHaJoH_n028nwsSVKNuY3EN9qXJhALcPcGKzjo_Edftm9pmtxMm5IKPP1VxroNFa4oxrF4kU_hm9UyVmd8ca1xYZJt2qgD9-T22eTiWY1y-4n1emE9ypbCn0E8HakejR-_AVdZv8w330JljcqPlBUeuheG8XlY10uaTHQbCAo8s-9VbEOFtHGlhO1COiQQWZc-w-VJrM2qVdet7wURcv5XrpB0lJyhr_khH6V5AvAxSbGOPW4KJHkAVoMPv2tNJYC0ZKmycCcbkxmWWVp12gOZAcuxNN0bRaZGN7CsxcgRqoaBjxc1FFL8afGWu5Nnl0ySR2L_Q6rYaGwDQDoWBGUZ6w_NIWKcekfapvj31i-O7QufrUmflzcslHHMbQ95pD2zgxWNxkiOUGbUWivi3V6fN6gJq8qoScDv0M161YXDP3ja84U65qHdOZn5kkGfhwmEXbjJsNDpMjOPyjChpl1cJKfAdptl9QNTLU-ei6pguoHEiiE8Pd9FP_TSU0rhY3PfK_5j7JrBW6kKPky_BMeSMyTIalzUJr398kGVsFrabrGZ7sHe7w0MbLPIyzzVmqwLShWacVXTCjXHdS3fi0z65A08skQSZIcodNBZE3Zr3BQrQBsh7nOSyPLoDuzSXBqpKU1KZiKUQPLXuOEnbz5p35kmYwzefgx-aIWediXP01jonSEFZoEDLbhx0GZ-oxmXhtFtmOJCMWYTe8iwTWPHmmw10PJYBBHz5HOr79XDqPTTFcT2dI9QGm7vQFGupj2AyEwz-M35UiS0WEuZKbnsdLEttVpMXCNm6BS3FQfkXLzFwZwWE0WESCMsR_u4asl_vad8PCT3wPjkp783PBzfmfe-gfXt7ZMSbV-seNfFxoek4F6qnQahNz3i-W8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jan 2021 16:59:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 122ms
121ms Image
image/gif 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=16117667609833751321821_N4Ig1ghiBcIAxwMyIMYHYEFoBscUEZN98BTAI0wnzMUwBMAzAVgjP3RQYE4AWEAGnBkY+QSgBuMEMAA6IADYB7FBHkB9AM4AXRQCcIAcxJzochMnRZcBIqQpUa9Zq3ZpOvOfzkaSGjQEtFADtNHX0jEzMkVAw4HDxCYnJKalpGFjYObh5PORRFRTB-EjU6CC0ISPhoyzjrRLsUx3SXLI8QAF8BEAMtBhgAbTh+YdH+UTgAXUFejUGxhZHpkG056CGRzYXlkhQtAFspNER8bv9JaAAmQW1ygFc1ga5xrmWALyhoURAABwMpSSCEhBC6-boGAAWUnw2GIaGw2HhcC4AA5kGgmPhEJd8Cicd0tGsQPgeJdUXA0DxsJcmEwUd1xETsAA6ODMxBoU6CVQwRCCBgoGBEIFafwiWH4eGI3A3LT-aDDFZgaESqVItSYlEonhoLiwy6U7okfw-aEopjM-BMFmSi34ClGu6fb53MUKoHieSDUBBCD7EhSMj+Oh0Ei6NTB7plCowUBBkNhiN0KR8QTifxJlVwhFI7A8CkY7CIOCdDrLDTybRZyU53BcND0wTyfpfNMZyOwGHZ6VwPMF63F7ooB5aTOwFEAYQAqgBFACiAGkuHOACrgwVfVW1k5wb4ARwDrZADDdiA6QA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jan 2021 16:59:23 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H/1.1 200
OK bqi.php
lg3.media.net/ 15 B
15 B 26ms
26ms Image
text/javascript 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&vgd_viab=1&kals=base||pc=100&katen=1&pc=100&kata=at2&katbid=-2&kasts=tstype=-10401||gbid=-2&cme=fzDlVK8o1VO05Ungz5kiPaVqZUIejU8d5uJ4llbR9Hx58A_3zcUoc3VLxdh2DS52vFmF-yNQsFMM3Eu6MQ6xSGOwX2QnR6x62tfR8WhCMi4b3rrhfD_p09uziR9i-RqsIhlb7lZa22mDXMwC8h1jqKlK2HPxscPFeAwd9rdU3jTa-S_mHFfqF398xzgxHEWbZWKRq7Gww48=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaHpPWxUO8e-b1QKRSzMYlnzJTjiVOAPWbDbNTYVIzgMe7qiCueNRdRbIoswMjTESDI=|N7fu2vKt8_s=|iMoiYkoeEi9d3kPGHHk7bY3aaewzAJz1qZxEQH5i1zxrZLzvZ0pdoGW9Z1IzWngHXzkummXEhQcAtGvK4XTAdBz7hHZj7NGGBqbTnmABCZ7VSL3WeU4aaUWuJFoJu4-2qQRT9hRonGtrb-Z791Og82-SDee8J2TKamybrgFghCg9VvHrN7OBiVeYnjytVo4y4K_r2PnbWP5v0Ay9yjJWiQ==|&gdpr=0&prid=8PRHGG6T9&cid=8CUQEK9ET&crid=356783917&pid=8PO7E5EE1&size=300x250&vi=1611766760640775630&l1ch=1&l2ch=0&l2wsip=2886939390&ugd=4&requrl=https%3A%2F%2Fposthereads.com%2F588%2Fposts%2F3%2F27%2F800143.html&bdrid=8&subBdr=426&cc=CH&sc=ZH&vgd_isiolc=1&hvsid=00001611766760704031140534834940

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Server: Apache
Date: Wed, 27 Jan 2021 16:59:23 GMT
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 15
Expires: Wed, 27 Jan 2021 16:59:23 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 122ms
122ms Image
image/gif 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=16117667609833751321821_N4IgZghiBcDaDMB2AbADgAzIJzwEyoBoBGdQ9A8yi6q5AFhsfQF0DwIBnGZNgC15ixc5XEVbgwMXGwCuMmEUR1EbMADcYIEGwCWG6AxAcALhGMyucXAFZiWcQC8o0ImwAOAc00a2AUwB2+iBu2iAeAtAgRMhEisjIKOhYqPBI1kR4RKiiocaWUXS4yehKyDbWqKFq+cgAdOi1SEShEAA2MPCqAMYwALSuIL7GOgoxcQnI5EbGXtBTHADWmtGxKBPoAPrpqKjKWDG4SqG+OiGRWda1RNZ1ipckiMcyzgMyI3N+au1woP4QALa+TQAIx0ABMwb4AE4bcGhMFmZygUEQ6GwsGaOhVHTo5ZjNaJeglRA3eDoEAAXwp4g4rRMeNW8USWEQlTYrUkLjYahxcPO+KZkyJiBJyDJoS6FmMuMiqAAwgBVACKAFEANJYFUAFVCHh6LgFE2s6FibAAjkCueB3nQKUA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jan 2021 16:59:25 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 122ms
121ms Image
image/gif 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=16117667609833751321821_N4IgLgDghiBcDaiCMAaADCkB2ATADgCoBONAfSREyQDY0DayLMBmNOnAVkcpCTeYL5uAXVGYAlgDc4eTAGcwUMAFc5ceABYcKJEWGYAXjFioQEAOZwQ0zAFMAdtNhme5gBZWaSJFmrVfaER4zMxYHEjMOEh4UTxgas5IWkFoWBrUnBx4PJIJINQAdGgFoUwgUAA2cMyYAGYAxnAAtKa2YOJwXj5+AfJglrAYIHIA1p7U3r7+tKTheHgaWEQTOGk8tuIQnngcBUgchT67fFjrysamyh2DdpJVCKD2UAC2tlYARuIAJl+2AE6kb48L5KYygT4-f6Ar5WDQ5cTQ8aTHq0agaVJhaisEAAXxx+mGFQUSO600CWGymAqtU6mEkCKBiQmpICaIxB2xmHqqjAiOceAAwgBVACKAFEANJEMUAFVcjRMzKmvhI3kwAEc3iY6tc0DigA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jan 2021 16:59:29 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
328 B 121ms
121ms Other
text/html 100.24.200.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUQEK9ET
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-200-179.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Jan 2021 16:59:31 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 nrrV63415.js Show response
contextual.media.net/4a/ Frame 6868 88 KB
29 KB 40ms
40ms Script
text/javascript 104.76.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV63415.js

Requested by

Host: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/nmedianet.js?cid=8CUQEK9ET

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://posthereads.com/588/posts/3/27/800143.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "b88764f1c889943b3800a04d001e29c0"
vary: Accept-Encoding
x-mnet-h: 8-19
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Wed, 27 Jan 2021 16:59:33 GMT
content-length: 29185
expires: Wed, 10 Feb 2021 16:59:33 GMT

GET
DATA 200
OK truncated
/ Frame 6868 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6868 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6868 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET bql.php
lg3.media.net/ Frame 6868 0
0

POST log
navvy.media.net/ Frame 6868 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: lg3.media.net
URL: https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001611766760704031140534834940&geo=47.37|8.55&dlper=25&lper=100&fp=juFkw2jc9blfwGSqWkjqgUlkxVZYDT_eM838JGaRc1bkhrCybVtaePrYuH408vD1SCBv6xopZjfznCXB4rxbzIpDwnRCZ3AMVGzAsEmYWykAqh0wAoVvAYlT5h00BgO2&lpid=&tsid=1&q=&prv=&type=&ps=&cme=fzDlVK8o1VO05Ungz5kiPaVqZUIejU8d5uJ4llbR9Hx58A_3zcUoc3VLxdh2DS52vFmF-yNQsFMM3Eu6MQ6xSGOwX2QnR6x62tfR8WhCMi4b3rrhfD_p09uziR9i-RqsIhlb7lZa22mDXMwC8h1jqKlK2HPxscPFeAwd9rdU3jTa-S_mHFfqF398xzgxHEWbZWKRq7Gww48%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaHpPWxUO8e-b1QKRSzMYlnzJTjiVOAPWbDbNTYVIzgMe7qiCueNRdRbIoswMjTESDI%3D%7CN7fu2vKt8_s%3D%7CiMoiYkoeEi9d3kPGHHk7bY3aaewzAJz1qZxEQH5i1zxrZLzvZ0pdoGW9Z1IzWngHXzkummXEhQcAtGvK4XTAdBz7hHZj7NGGBqbTnmABCZ7VSL3WeU4aaUWuJFoJu4-2qQRT9hRonGtrb-Z791Og82-SDee8J2TKamybrgFghCg9VvHrN7OBiVeYnjytVo4y4K_r2PnbWP5v0Ay9yjJWiQ%3D%3D%7C&hint=&td=&cc=CH&wsip=2886931132&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=NufozNuN&&rc=0&ksu=207&vgd_opp_id=168101209732983731611766760740&fdkt=240&kwd[]=Post%20Your%20Resume&kwt[]=240&kbc[]=78b1d694da7daf80c65f3f532d33b155.d2s&kwp[]=1&kid[]=22918948&kbc2[]=101%7C%7Cps%3D0.045%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Online%20Marketing%20Tools&kwt[]=240&kbc[]=78b1d694da7daf80c65f3f532d33b155.d2s&kwp[]=2&kid[]=21247476&kbc2[]=101%7C%7Cps%3D0.045%7C%7Crpc%3D0.22%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Office%20Manager%20Jobs&kwt[]=240&kbc[]=78b1d694da7daf80c65f3f532d33b155.d2s&kwp[]=3&kid[]=21034143&kbc2[]=101%7C%7Cps%3D0.045%7C%7Crpc%3D0.28%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=How%20to%20Post%20an%20Ad&kwt[]=240&kbc[]=78b1d694da7daf80c65f3f532d33b155.d2s&kwp[]=4&kid[]=283738070&kbc2[]=101%7C%7Cps%3D0.045%7C%7Crpc%3D0.15%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Car%20Classified%20Ads&kwt[]=240&kbc[]=78b1d694da7daf80c65f3f532d33b155.d2s&kwp[]=5&kid[]=5068332&kbc2[]=101%7C%7Cps%3D0.045%7C%7Crpc%3D0.14%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1611766773171&cid=8CUQEK9ET&vwid=1611766760640775630&vi=1611766760640775630&l3ch=0&slnkp=no&bdrct=0.03&vgd_mseg=0.03&vgd_rt=237&bto=0&tdAdd[]=rtbsd%3D10&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1611766760155960967&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&axbx=bl4&vgd_refimp=2&vgd_matchstr=hr%3D0&sttm=1611766760704&upk=1611766761.6118&hvsid=00001611766760704031140534834940&verid=9111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1611761414C8S18U910&vgd_isiolc=1&rtbsd=10&bidData=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.03%7C%7Cogerpm%3D0.03%7C%7Cbm%3D2.04%7C%7Csid%3D6316fd5e40f2228701de655344117835%7C%7Csd%3D1%7C%7Cuid%3D3o7iBwKaaO8D02UP4r%7C%7Cdc2%3D1%7C%7Cbtd%3D168749648060760772603677015425032192%7C%7Cscd%3Dzh%7C%7Cuim%3D0%7C%7Curl_tkc%3D0%7C%7Css%3D1600x1200%7C%7Cuiw%3D-1%7C%7Clast%3D0%7C%7CCI%3D2263%7C%7Cip%3D3oKfz5%7C%7Cfbb%3D0%7C%7Ctb%3D-1%7C%7Cct%3Dzurich%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.02%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7Clc%3D0%7C%7Curl_tvi%3D0%7C%7Curl_l%3D10%7C%7Cbid%3D0.03%7C%7Cdc%3D7%7C%7Cgcat%3D-1%7C%7Cogbid%3D0.03%7C%7Ccbdp%3D0.03%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cddiv%3D%25%25DFP_DIV%25%25%7C%7Cdmm%3D%7C%7Cibc%3D1%7C%7Cddt%3D-1%7C%7Cnsz%3D1%7C%7Ctgs%3D300x250%7C%7Cbsb%3D0%7C%7Cbsp%3D0&matchString=hr%3D0&matm=1611766773190&vgd_ltime=12500&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&iscont=0&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-2&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_refcnf=%7B%22a2y%22%3A%7B%22afterLoadSecs%22%3A30%2C%22afterViewSecs%22%3A10%2C%22percentTraffic%22%3A95%2C%22ignoreSessionDisable%22%3Atrue%2C%22both%22%3Afalse%7D%7D&vgd_dfp_tgt=%7B%22crid%22%3A%22356783917%22%2C%22mnet_segment%22%3A%220.03%22%2C%22mnet_variant%22%3A%22426%22%2C%22pub_domain%22%3A%22posthereads.com%22%2C%22mnet_cc%22%3A%22CH%22%2C%22mnet_bucketid%22%3A%22b2%22%2C%22mnet_ref_ybn%22%3A1%2C%22mnet_pid%22%3A%228PRHGG6T9%22%7D&vgd_sbSup=1&vgd_l2wsip=2886939390&vgd_nrrsf=nrr&vgd_nrrv=63415&vgd_nrrs=63415&vgd_nrrmf=4a&vgd_cntrdt=S%7CTD&vgd_x_pos=486&vgd_y_pos=182&vgd_ren_page_h=1490&vgd_cty=ZURICH&vgd_l1hcsd=A13%7C640&vgd_sethcsd=A31%7C592&vgde_bdata=QOfvzxjj%7C%7CGGvuiF%7C%7Ceev9%7C%7CJLEYv9.9A%7C%7CmyJLEYv9.9A%7C%7CGYvf.9H%7C%7CQ8OvFAuFkOXJH9kfffWh9uOJFXXAHHuuhWAX%7C%7CQOvu%7C%7Cx8OvAmh8RBC11aWr9fP0HL%7C%7CONfvu%7C%7CG7OvuFWhHiFHW9F9hF9hhfF9AFhh9uXHfX9Afuif%7C%7CQNOvlw%7C%7Cx8Yv9%7C%7CxLjM7UNv9%7C%7CQQvuF99-uf99%7C%7Cx8Bvou%7C%7Cj1Q7v9%7C%7C%3DVvffFA%7C%7C8EvAmCklX%7C%7CkGGv9%7C%7C7Gvou%7C%7CN7vlxL8Nw%7C%7CLNvu%7C%7CG1Q8QfvuiF%7C%7CxLjMGv9.9f%7C%7CG1Q8QuvuiF%7C%7C8QDJkv9%7C%7CjNv9%7C%7CxLjM7e8v9%7C%7CxLjMjvu9%7C%7CG8Ov9.9A%7C%7CONvh%7C%7CyN17vou%7C%7CmyG8Ov9.9A%7C%7CNGOEv9.9A%7C%7CGkj1yvu%7C%7CQmGEv9%7C%7COO8ev%25%25rs0MrV%2F%25%25%7C%7COYYv%7C%7C8GNvu%7C%7COO7vou%7C%7CzQlvu%7C%7C7yQvA99-fX9%7C%7CGQGv9%7C%7CGQEv9&vgd_cfud=200721&vgd_is_amp=0&vgd_icat=-1&vgd_spcat=-1&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&oRurl=http%3A%2F%2Fcdn3ncc%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1611766760640775630%26lw%3D1%26rtbs%3D1%26esi%3D1%26size%3D300x250%26crid%3D356783917%26vpf%3D000%26cid%3D8CUQEK9ET%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26dfp%3D1%26cpcd%3DobyAwC15MgbyJ12vZjRcwA%253d%253d%26nb%3D1%26gdpr%3D0%26hlt%3D1%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO47HC59%26requrl%3Dhttps%253a%252f%252fposthereads.com%252f588%252fposts%252f3%252f27%252f800143.html%26%26katen%3D1%26katbid%3D-2&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Domain: navvy.media.net
URL: https://navvy.media.net/log

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 15:42:47	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d09f9deb07475766003ef677ea6e296.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
contextual.media.net
dt.clnmde.com
dt6.clnmde.com
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
m.addthis.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
posthereads.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
lg3.media.net
navvy.media.net
s7.addthis.com
100.24.200.179
104.75.88.112
104.76.200.23
104.79.89.133
142.250.185.226
2.16.186.67
2600:1f18:42df:3a00:e8b1:a0ff:a34c:ada
2606:4700:3036::ac43:c805
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2008
2a00:1450:4001:825::200e
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9d
92.123.77.50
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
2291c531324186bbb926f825ec5b79b466e9a74a89ecf67b0ddb15f07c59427c
2c218e9a73baab65ee8d9899d0f0b4fc5f45c980f1af5d5dbff0673b55d2135d
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3c4f2d3ebb3c99a683a5e07cf859d01052736fb37518cc8ceb852a4993d2e12b
4128bfe983e73d0fbad16a05c02fcf439348ef96badf21b713266dc7eb8cf82a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b686f6dd6ea99ca7e8467ff3324a46625e941988fce878dd0c0cd54eec2fc71
7fd7275dc464f2371a3aba2782e16d3e72e30c3e9497465f88546bbe8b01058e
87bc0b20ac96b5f53c0572dbd913bdd5d484a69d5558b04e9c0dc254047e975b
8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8
8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57
91cbbd4894616f50d26f8cb6ecfd64afb7306c07724221ec6c576d17b60ff615
93106021a77d1d49fe8913c3a768ff06d4b37002a7c167c8979ebd7289443adc
9b47f99922d68715b19631adec35396937c283d53a6c845dd2a1286012ae1be1
9b64a264f1832feadc7fca863d4407934713b16447794f567c383f7a34612e0d
9ec0d7218fc24f21cfd4e087f3b09c0c16d69f1ae3efe35a279a99f094f9ca71
a5b8db7bfd3e6438c965c25ae2bd244313b6729b2017070e9545ac90840790d4
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b15e4357af75b67d3a9f502093bb085a87224b185edd65da4275a86bc4601b6e
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c69dd4280a00a3000e33dc1e666a01ac230c6eee57900dd38601a7163de3ab37
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedd38c32d51c05e8633cc04f918d1a06743e7e8eca8737b7bd3f2047cbba642
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e334479da0bdea9155d8121e85324fdc48c1e35eea82bad983f1b4ba23d9805d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410a40fc31979257a3fd481cce8e163bda4c86759f02170e18450cc37bca021
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5c95aa95f3b052fdd80a559bd401ac78c3693f5563b414edde979c1e5ec757f
ebff2b129de2b87c5172967eb384439de9a8ba412473b3c23ab1c9f3e4abcadd
fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f
fe08db00c972c9a22e93a7546fcfdc36197dfbf8b0eda59ddacb5838dc022ca4

posthereads.com Open in urlscan Pro 2606:4700:3036::ac43:c805 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

56 %IPv6

15 Domains

25 Subdomains

17 IPs

5 Countries

801 kBTransfer

2262 kBSize

1 Cookies

2 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

posthereads.com Open in urlscan Pro
2606:4700:3036::ac43:c805 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

56 %
IPv6

15
Domains

25
Subdomains

17
IPs

5
Countries

801 kB
Transfer

2262 kB
Size

1
Cookies

72 HTTP transactions
3 data transactions