k2track.com Open in urlscan Pro
104.236.218.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://k2track.com/usps/faq/postalexperience-com-pos-f175
Submission Tags: falconsandbox
Submission: On May 16 via api (May 16th 2021, 4:29:44 pm UTC) from US

Summary HTTP 98 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 98 HTTP transactions. The main IP is 104.236.218.249, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is k2track.com.
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.

This is the only time k2track.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.236.218.249 104.236.218.249	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
98	21

15 104.236.218.249 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: k2track.com

k2track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	475 KB
18	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	95 KB
15	k2track.com k2track.com	211 KB
7	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	135 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	googletagservices.com www.googletagservices.com	171 KB
5	google-analytics.com www.google-analytics.com	55 KB
3	google.de adservice.google.de www.google.de	1 KB
3	addthis.com s7.addthis.com	191 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	addthisedge.com v1.addthisedge.com	893 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	cloudflare.com cdnjs.cloudflare.com	30 KB
98	15

	Domain	Requested by
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
15	k2track.com	k2track.com
9	pagead2.googlesyndication.com	k2track.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.google.com	3 redirects k2track.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
3	s7.addthis.com	k2track.com s7.addthis.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.de	k2track.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	k2track.com
1	cdnjs.cloudflare.com	k2track.com
98	21

This site contains no links.

Subject Issuer	Validity	Valid
k2track.com R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Frame ID: 09F29A9AB2043E595F346D4B1D8A68B6
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: D68692DF9BBE7F1E233D0235A801D4DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168
Frame ID: 99105C73E40A1BD4D21B9F5AECC65413
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181
Frame ID: F6A72B23B4D2A8DCC82CB5681619CC53
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5996910481&adk=3384264175&adf=2073727090&pi=t.ma~as.5996910481&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549793&bpp=1&bdt=198&idt=162&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EUQlOHTb3l&p=https%3A//k2track.com&dtd=165
Frame ID: C5067A39B9AE98F1FAB51021EBE88F7C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157
Frame ID: F87A2C020C00FB3BB2386FA48BA27010
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&adk=1812271804&adf=3025194257&lmt=1621182549&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549894&bpp=2&bdt=300&idt=86&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280%2C1120x280&nras=1&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=92
Frame ID: AC02BA8D4D2F3696269FD688C869C1CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 16832B7391130619F5A70EE9C5AC6918
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6327C80454341D4A1B9CE14D8A9482FF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 1E84AC100BCEBFD2453142E2812327AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C2FC250AF8C04797624A560BE6FDF03D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 8B7D0D05EA743E6AF0D25B1E4867AE35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: 3A8679FDA0CE531E5FB6A5C9016C5FA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BE875027F6B5BE53646A0F7FCE8DC9A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

98
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

21
Subdomains

21
IPs

3
Countries

1407 kB
Transfer

3196 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 67

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr052kyQEQ0gYY0gYyCCQvxtvDIeNE HTTP 301
https://tpc.googlesyndication.com/simgad/3018669618752072816

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

98 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request postalexperience-com-pos-f175 Show response
k2track.com/usps/faq/ 31 KB
7 KB 441ms
188ms Document
text/html 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 95c957f63ec5d6ec63830d11c297bfbad53ae08538d6e0f599f2ab8fac971f4d

Request headers

:method: GET
:authority: k2track.com
:scheme: https
:path: /usps/faq/postalexperience-com-pos-f175
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.10.3 (Ubuntu)
date: Sun, 16 May 2021 16:29:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5; expires=Sun, 23-May-2021 16:29:09 GMT; Max-Age=604800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip

GET
H2 200 main.min.css
k2track.com/front/main/styles/ 66 KB
10 KB 127ms
126ms Stylesheet
text/css 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/styles/main.min.css?67719
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ab2c5f0e1e1f8fb3328e71db6b37af005b4f7531f2da230648360ee0c4faa4a3

Request headers

:path: /front/main/styles/main.min.css?67719
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-10887"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
k2track.com/front/main/images/ 2 KB
1 KB 128ms
128ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/main/images/logo.svg
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 362d4c7f472f4d7703e57ff13afcd3508883caa6533a1c055806c753451f2b64

Request headers

:path: /front/main/images/logo.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-71a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49888
x-xss-protection: 0
server: cafe
etag: 503174456932000003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 16:29:09 GMT

GET
H2 200 postalexperience%20com%20pos.jpg
k2track.com/front/usps/images/faq/ 15 KB
15 KB 234ms
233ms Image
image/jpeg 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/usps/images/faq/postalexperience%20com%20pos.jpg
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ac85ef45e16cde93229fb2c4f42d383cfd7969f938fa7e6fc20bf8fd07561f48

Request headers

:path: /front/usps/images/faq/postalexperience%20com%20pos.jpg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "604f1d98-3c62"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15458
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postalexperience.png
k2track.com/front/usps/images/faq/ 25 KB
25 KB 318ms
317ms Image
image/png 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/usps/images/faq/postalexperience.png
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 17f85badecb5fb53f429435f7e6095492b306b3dedc75a9a3f4f9fd9aaf39b43

Request headers

:path: /front/usps/images/faq/postalexperience.png
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "604f1d98-629c"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25244
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 usps.svg
k2track.com/src/logo/91/ 997 B
741 B 321ms
320ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/src/logo/91/usps.svg
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d2ccc54f1bec9b09d8417c121ce8e874ce16a67cff54d4153f8cb9c8c6cc3402

Request headers

:path: /src/logo/91/usps.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-3e5"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader.svg
k2track.com/front/main/images/ 2 KB
579 B 322ms
321ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/main/images/loader.svg
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 474e02e1ef4d28788ee4a7b144282f508257db6138b7d3f3a270daf52c3d35b2

Request headers

:path: /front/main/images/loader.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-9ab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home.svg
k2track.com/front/main/images/ 1 KB
845 B 322ms
321ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/main/images/home.svg
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 60b23b2c5fe90e674d00b10cad7f7ed1bdf1820479631cdfdd6d338ccce1b050

Request headers

:path: /front/main/images/home.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-4e3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.css
k2track.com/front/main/styles/ 46 KB
8 KB 219ms
217ms Stylesheet
text/css 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/styles/core.min.css?47251
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 616c9b85bb6ba9f5ae25e9a6f07e90e069dee10dbe893a047cc09c415b4f4e4a

Request headers

:path: /front/main/styles/core.min.css?47251
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-b893"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 94 KB
30 KB 41ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4734099
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29929
cf-request-id: 0a179ba67100002b12abb5f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-176f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9xcub%2BJwY6xABVBOnvRN1zz73%2BRUcfMfLnPQZYNL087Lt9jCGQbM6uEtYRtxMXCQ%2Fh08P4nN07mF3084VyArgBd9wvHPIweMJWXiVJSPswlJZD4VaWVtt9HWl9OVFRiCEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6505fbb71d9a2b12-FRA
expires: Fri, 06 May 2022 16:29:09 GMT

GET
H2 200 core.js Show response
k2track.com/front/main/js/ 40 KB
14 KB 225ms
223ms Script
application/javascript 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/js/core.js?41176
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cfc7352dd50e276bb4a20f2720ca6ab52c9aea1d9c3dc9ccf6dfae718d3cb550

Request headers

:path: /front/main/js/core.js?41176
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-a0d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 136ms
50ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 16 May 2021 16:29:09 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 mbclicker.min.js Show response
k2track.com/front/main/js/ 1 KB
799 B 226ms
224ms Script
application/javascript 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/js/mbclicker.min.js
Requested by: Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c8a0c0fcf0feb5bd08ce75c7a80c801a2fe60f28832a118d5eee7f76b82f1bd3

Request headers

:path: /front/main/js/mbclicker.min.js
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: k2track.com
referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/usps/faq/postalexperience-com-pos-f175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-454"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
38 KB 57ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5H5WRDX

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc625d31981962f86ab2b38dfd769976c2a90689740aa3d72ab8f0f5375363c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38124
x-xss-protection: 0
last-modified: Sun, 16 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 May 2021 16:29:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame D686 10 KB
5 KB 25ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 15 May 2021 20:24:49 GMT
expires: Sat, 29 May 2021 20:24:49 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 72260
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H5WRDX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 137
date: Sun, 16 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 16 May 2021 18:26:52 GMT

GET
H2 200 roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-700.woff2
k2track.com/front/main/fonts/ 63 KB
63 KB 199ms
198ms Font
application/octet-stream 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/fonts/roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-700.woff2
Requested by: Host: k2track.com
URL: https://k2track.com/front/main/styles/main.min.css?67719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2

Request headers

sec-fetch-mode: cors
origin: https://k2track.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
:path: /front/main/fonts/roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-700.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: k2track.com
referer: https://k2track.com/front/main/styles/main.min.css?67719
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://k2track.com
Referer: https://k2track.com/front/main/styles/main.min.css?67719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "604f1d98-fce4"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 64740
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 left-arrow.svg
k2track.com/front/main/images/ 440 B
489 B 286ms
285ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/main/images/left-arrow.svg
Requested by: Host: k2track.com
URL: https://k2track.com/front/main/styles/main.min.css?67719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1fd63e1b13bc40057bbfc65ef7c24aee4002c4fe4201673b4bc5f6e218318005

Request headers

:path: /front/main/images/left-arrow.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/front/main/styles/main.min.css?67719
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/front/main/styles/main.min.css?67719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-1b8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-regular.woff2
k2track.com/front/main/fonts/ 63 KB
63 KB 285ms
285ms Font
application/octet-stream 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://k2track.com/front/main/fonts/roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-regular.woff2
Requested by: Host: k2track.com
URL: https://k2track.com/front/main/styles/main.min.css?67719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562

Request headers

sec-fetch-mode: cors
origin: https://k2track.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
:path: /front/main/fonts/roboto-v18-cyrillic-ext_latin-ext_cyrillic_vietnamese_greek_latin_greek-ext-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: k2track.com
referer: https://k2track.com/front/main/styles/main.min.css?67719
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://k2track.com
Referer: https://k2track.com/front/main/styles/main.min.css?67719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "604f1d98-fc78"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 64632
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ 223 KB
82 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1948284670299562&plah=k2track.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
server: cafe
etag: 12558658968377452156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 16:29:09 GMT

GET
H2 200 search.svg
k2track.com/front/main/images/ 795 B
668 B 236ms
236ms Image
image/svg+xml 104.236.218.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k2track.com/front/main/images/search.svg
Requested by: Host: k2track.com
URL: https://k2track.com/front/main/styles/main.min.css?67719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.218.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: k2track.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3524f19d8226ab5b5e0848258832fb47bfd37e9a08bfbaa828fcdf23d2198741

Request headers

:path: /front/main/images/search.svg
pragma: no-cache
cookie: PHPSESSID=561dl7evv3mjoc3goib422r1p5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: k2track.com
referer: https://k2track.com/front/main/styles/main.min.css?67719
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://k2track.com/front/main/styles/main.min.css?67719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 08:40:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"604f1d98-31b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 47ms
31ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KP34LHX&t=gtm2&cid=1323375382.1621182550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87f15b060ae48b97fb9c8f18ba669799f0d10c7657d3b396ec4d46c5cb2b8398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36190
x-xss-protection: 0
last-modified: Sun, 16 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 May 2021 16:29:09 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 138ms
45ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 55B3FEF853787171
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39144
accept-ranges: bytes
content-length: 948
x-amz-id-2: Q642xTOmaMfnUx2ik9Ebqcgrzdt4CToIbGwQRcj5CmFnPJgGu8/7rMnrJ24M1JCzksF1mp5w/wU=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5cbf7f001a13c62b/ 4 KB
893 B 235ms
234ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5cbf7f001a13c62b/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 927c5c042543f6f6de374e0382c75db98381285a6bcf6a1b014389040fb9934c

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
etag: -1681352167--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 716

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 185ms
80ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=k2track.com&callback=_gfp_s_&client=ca-pub-1948284670299562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1948284670299562&plah=k2track.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c4260a45c7d291006be05872872a62d56bb6e87ca910b686ccad63a825f7b37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=k2track.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=k2track.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9910 66 KB
23 KB 814ms
801ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30982a8ee650ea4646a2186b093cc2f87c8c03764ea36ea512bc87cd9dcd7f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 16:29:10 GMT
server: cafe
content-length: 23594
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 16:44:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:09 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6A7 78 KB
25 KB 505ms
505ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3324339f847262752cb6cbabe721d52cbc3f70099d6e47639807719ed55358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 16:29:10 GMT
server: cafe
content-length: 25597
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 16:44:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C506 61 KB
16 KB 700ms
699ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5996910481&adk=3384264175&adf=2073727090&pi=t.ma~as.5996910481&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549793&bpp=1&bdt=198&idt=162&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EUQlOHTb3l&p=https%3A//k2track.com&dtd=165

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aaf86e603cd290042b66fc9294bd864e5a9d038d4d91ce3d501b7035ab5c5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5996910481&adk=3384264175&adf=2073727090&pi=t.ma~as.5996910481&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549793&bpp=1&bdt=198&idt=162&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EUQlOHTb3l&p=https%3A//k2track.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 16:29:10 GMT
server: cafe
content-length: 15969
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 16:44:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F87A 79 KB
26 KB 671ms
671ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef0fb66e6bec8d7e70fdbd790d8419984a718fa9ab3856e7f20f1028994d2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 16 May 2021 16:29:10 GMT
server: cafe
content-length: 26214
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 16:44:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1852380681&t=pageview&_s=1&dl=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ul=en-us&de=UTF-8&dt=PostalExperience%20Com%20Pos%20%7C%20k2track&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAADQAAAAC~&jid=890542402&gjid=1056657461&cid=1323375382.1621182550&tid=UA-39828003-10&_gid=631902472.1621182550&_r=1&gtm=2wg5c15H5WRDX&cd1=usps&cd2=faq&cd3=&cd4=&z=1656214392

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k2track.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC02 0
19 B 84ms
84ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&adk=1812271804&adf=3025194257&lmt=1621182549&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549894&bpp=2&bdt=300&idt=86&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280%2C1120x280&nras=1&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=92

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1948284670299562&output=html&adk=1812271804&adf=3025194257&lmt=1621182549&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549894&bpp=2&bdt=300&idt=86&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280%2C1120x280&nras=1&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 16-May-2021 16:44:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=890542402&gjid=1056657461&_gid=631902472.1621182550&_u=aGDAAAACQAAAAC~&z=495606829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 16:29:10 GMT
content-type: text/plain
access-control-allow-origin: https://k2track.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 47ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=890542402&_u=aGDAAAACQAAAAC~&z=1382080112

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 51ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=890542402&_u=aGDAAAACQAAAAC~&z=1382080112

Requested by

Host: k2track.com
URL: https://k2track.com/usps/faq/postalexperience-com-pos-f175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 53ms
53ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 16 May 2021 16:29:10 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 15748219915616381996
tpc.googlesyndication.com/simgad/ Frame F6A7 109 KB
109 KB 32ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15748219915616381996?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qneBXzbmT4bm8RCQMeEh7R2eSw5qg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a2384235174e8a31dbf3a5d7df68cac4ff6c7cf18a8c8d9280acc6223d00bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 04:18:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 13:24:29 GMT
server: sffe
age: 216667
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111733
x-xss-protection: 0
expires: Sat, 14 May 2022 04:18:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame F6A7 17 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:23:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F6A7 2 KB
1 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:29:00 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F6A7 67 B
188 B 37ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 10:13:28 GMT
x-content-type-options: nosniff
server: cafe
age: 22542
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 17 May 2021 10:13:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6A7 117 KB
36 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F6A7 13 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:26:08 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F6A7 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDvi2VUihYIvwOoXqzAbzrJPAC_r9vt5i7Z-joL0N4qbrz4sOEAEgsIPQGmCVAqAB8vvT3wPIAQKpAs6P_jB0YLQ-qAMByAPJBKoEzQFP0OsXNn2l8FoRNSNgIZ8VoghkiUr0OQctxaI2ePxN-1UCUSQ4A8rKrGeSDwJorvdqfa7NsPKTeFT3b_SZ9idVPbx3MbcO5bdLwoiwoUVdaIQRu9gLdWyhbHypef-5M9XQx2RZv1PBAvqjSzeS51lM8MPp7WHTpWM46YsGHkuzNbgwRCRhJtgRLXen5nd0rGL82JMvsh_g__I1g1GD7HDW_KSqPj5nWBXEDaGCPhaL2RqRoY6I6otkvwi9PFtJYIvQCqasJ172YFtujaUawASbp_Xn9gKSBQQIBBgBkgUECAUYBKAGAoAH2eWyJqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCikVrSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMTk0ODI4NDY3MDI5OTU2Mg&sigh=4CNfRVf95VY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 16:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F6A7 25 KB
10 KB 34ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:02:13 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1683 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=8443899446&adk=1417498880&adf=2788005498&pi=t.ma~as.8443899446&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549768&bpp=4&bdt=174&idt=177&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=spnhNA3Qvc&p=https%3A//k2track.com&dtd=181

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 15:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F6A7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f732f1fbc21285892de5c6225952f44ab5198f87e551a548aa955307d75bb6f3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1683
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
41ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 17:29:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 13325237664024608443
tpc.googlesyndication.com/simgad/ Frame F87A 35 KB
35 KB 28ms
12ms Image
image/webp 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13325237664024608443?sqp=4sqPyQRZQlcqVRABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT74AQGCAhIVAAAsQhhVIF8oBDABPQAANEKNAgAAIEI&rs=AOga4qliZzhQBoqeSyIFgKhW3gHzIAqTKw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f3a785c3fb099a0dbe2058cf304862e12dfba2193317b85ab71bbc46e961d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 18:18:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Jan 2021 10:55:14 GMT
server: sffe
age: 252612
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35578
x-xss-protection: 0
expires: Fri, 13 May 2022 18:18:58 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame F87A 17 KB
7 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:23:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F87A 2 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:25:54 GMT

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F87A 67 B
91 B 20ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 10:13:28 GMT
x-content-type-options: nosniff
server: cafe
age: 22542
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 17 May 2021 10:13:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F87A 117 KB
36 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F87A 13 KB
6 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:26:08 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F87A 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyrzxVUihYPKEPMyX-wb0qangDNXN48ZiopKu25cNwpz17PAbEAEgsIPQGmCVAqABh6Kp3ALIAQKoAwHIA8kEqgTMAU_Q_Rdk4TIJ4tMYQ91eXevvrje8GFUkmQ_KjTsh2I0a8lu4_bK81hTDvOJnrgxHgRPGez7N_EBV8FDgA3f0tZ7mSQEXNsj-Uu8xC4BhQoX-07L1_raIMGI00a58OwkT56a9c9A93n0cVxKeIihQyJ_MPMqjYASP4IPYWdz3GjkmZvqOon8Esdd2acummjna-k4ZlCpsvTbTr8rTHK-ppq62gjWy7NpuuIttFjoWAzuLl2kAf89H7zlJlDMh0zie4JUlfOkRD0sN7ZxurcAE9Jn407EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9j9-N0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPW-CNIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0xOTQ4Mjg0NjcwMjk5NTYy&sigh=NvRJk2b1GoU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 16:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame F87A 25 KB
10 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
server: cafe
etag: 16922886349488815302
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:02:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C506 3 KB
1 KB 34ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5996910481&adk=3384264175&adf=2073727090&pi=t.ma~as.5996910481&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549793&bpp=1&bdt=198&idt=162&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EUQlOHTb3l&p=https%3A//k2track.com&dtd=165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 16:19:42 GMT
server: ESF
date: Sun, 16 May 2021 16:29:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6327 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=3950853803&adk=3925446440&adf=3806773954&pi=t.ma~as.3950853803&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549811&bpp=1&bdt=216&idt=154&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ghjE0KL5ci&p=https%3A//k2track.com&dtd=157

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 15:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C506 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:21:02 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame C506 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:23:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C506 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:25:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C506 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C506 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:26:08 GMT

GET
H2 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame C506 25 KB
11 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 00:23:29 GMT
server: sffe
age: 126837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:15:13 GMT

GET
DATA 200
OK truncated
/ Frame F87A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c86b3f2d4993dbe41195001ba3ae91fce1ab9fc220f2d83a63f8984d86c6f9c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C506 30 KB
30 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT_1W7KAffUqZZp-i78suIBYcQ3DlmiGJMM1rVjO_wB1XTQZ6w59L7ca_chA4o&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3fd7ba796a9dc1012cb6302589c1703f588617dabd741c1ad352582f105c48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:09:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 04 Jul 2020 03:02:29 GMT
server: sffe
age: 411610
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30496
x-xss-protection: 0
expires: Wed, 11 May 2022 22:09:00 GMT

GET
H3-29

200

3018669618752072816
tpc.googlesyndication.com/simgad/ Frame C506
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr052kyQEQ0gYY0gYyCCQvxtvDIeNE
https://tpc.googlesyndication.com/simgad/3018669618752072816

80 KB
80 KB

7ms
7ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3018669618752072816

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fde87b0823431c08268d31bf486851e42ba440334059929d9c761ea59ec7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:54 GMT
x-content-type-options: nosniff
age: 23116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81780
x-xss-protection: 0
last-modified: Tue, 24 Sep 2019 11:09:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 10:03:54 GMT

Redirect headers

timing-allow-origin: *
date: Sun, 16 May 2021 07:13:32 GMT
x-content-type-options: nosniff
server: cafe
age: 33338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3018669618752072816
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Jun 2021 07:13:32 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E84 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 11470
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C506 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-DNWVUihYK28O8qD2fcPmJm9qA-Q4t2HYvSj0pj3DL_hHhABILCD0BpglQKgAcu6jd4DyAEGqQLOj_4wdGC0PqgDAcgDAqoEywFP0Ac92aiID099SURwRB8HRwafBBM4SPKwQXAd1wDy1sXP1CJTn3mmo9_JD3o2zYImqs525dVJUNWGT9wxo-ixeU4OFs1sUNPxYTlsPa-cWECMbkvu3MRe5Et0tgQGgQRjiUfn0Wf6z6uZQVsoO3jtj9d3tLvjqexU1C4mks1BqDXMJw6O7rNI3r3lvdU1J2MmRorqHl6iLwiJAv915adDtJm0xTEyiBYOXej1ALEalHin9BgD_NT79mnjOb1Dn7WRCgpwRCvPL_puD8AEw_6i-cEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB53F8iGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJu9A9IICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0xOTQ4Mjg0NjcwMjk5NTYy&sigh=3eE9_GeZ5Ok&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5996910481&adk=3384264175&adf=2073727090&pi=t.ma~as.5996910481&w=1120&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549793&bpp=1&bdt=198&idt=162&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1120x280&correlator=3291452578667&frm=20&pv=1&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=EUQlOHTb3l&p=https%3A//k2track.com&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 16:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C506 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 825dec4050738ae3c8e32332d253bd96e8f2707c8756236b6211ffab131d4e25

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9910 3 KB
578 B 29ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 16:27:25 GMT
server: ESF
date: Sun, 16 May 2021 16:29:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame C506 20 KB
21 KB 27ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 23:13:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 494134
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 10 May 2022 23:13:36 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame C506 21 KB
21 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:08:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
age: 310868
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 13 May 2022 02:08:02 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9910 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:21:02 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 9910 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:23:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9910 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:25:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9910 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 9910 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 16:26:08 GMT

GET
H3-29 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame 9910 25 KB
10 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 00:23:29 GMT
server: sffe
age: 126837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:15:13 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9910 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP0OeVUihYIG-OqKvzAaE567wA8ndm9xig5DCgvINicHDqOAjEAEgsIPQGmCVAqABrtCX1AHIAQGpAs6P_jB0YLQ-qAMByAPLBKoEyQFP0FXTLMOi1LYjRWwA2eo6f-W8gCbbbd6St7ZfxLPTg7orre968vVLA8Dg3CrQwfT08VxoNtwd08J6YS_XwkaBGnbqkmznAr7IVrpREYHw6xHrM4hHACwgGs4M9iLg8qiJ-9HiETGaccSOAh3cZvMpI3NxQTQacAUUEgpEyviJVxFTvQX4tvliRkLJTNUbdAVdM3fajwSBtjAY0ZlGPc8n9oS84yPQ05MhF_sjdLQqJhKPlMYC8Ori8aIWBCE1NJtDH3UkNZef8lfABNPJhefJA5IFBAgEGAGSBQQIBRgEgAe6r-irAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDI_8cD0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTE5NDgyODQ2NzAyOTk1NjI&sigh=VEfDtws2irU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 16 May 2021 16:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2FC 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 15:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6327
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 17:29:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B7D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 11470
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2FC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 17:29:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 16:29:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 16:29:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9910 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec0e24e2e7ccdfd2a0aa6fedbce0a1f48fa791a3d103b1b89959dca6297ecc24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9910 21 KB
21 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 313028
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 13 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9910 21 KB
21 KB 21ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 313059
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 13 May 2022 01:31:31 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

863371c22bb0d8fc8a52849810028d2d4e8501d8d43cd2b6aaf40b004dffb5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 16:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7715
x-xss-protection: 0

GET
H2 200 14.2dfb61b890959f78272d.js Show response
s7.addthis.com/static/ 397 B
544 B 78ms
78ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/14.2dfb61b890959f78272d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-18d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 16 May 2021 16:29:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 304

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A86 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1948284670299562&output=html&h=280&slotname=5223630349&adk=1296487409&adf=1283140071&pi=t.ma~as.5223630349&w=1200&fwrn=4&fwrnh=100&lmt=1621182549&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621182549763&bpp=5&bdt=168&idt=148&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3291452578667&frm=20&pv=2&ga_vid=1323375382.1621182550&ga_sid=1621182550&ga_hid=1852380681&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060828&oid=3&pvsid=1348560532284022&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Scz5XajPfa&p=https%3A//k2track.com&dtd=168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 11471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1852380681&t=event&ni=1&_s=1&dl=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ul=en-us&de=UTF-8&dt=PostalExperience%20Com%20Pos%20%7C%20k2track&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=10%20percent&ea=%D0%A1%D0%BA%D1%80%D0%BE%D0%BB%D0%BB%D0%B8%D0%BD%D0%B3&el=%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&_u=aGDAAAADQAAAAC~&jid=1543620763&gjid=322578959&cid=1323375382.1621182550&tid=UA-39828003-10&_gid=631902472.1621182550&_r=1&gtm=2wg5c15H5WRDX&z=1916421803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://k2track.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1852380681&t=event&ni=1&_s=1&dl=https%3A%2F%2Fk2track.com%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&ul=en-us&de=UTF-8&dt=PostalExperience%20Com%20Pos%20%7C%20k2track&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=25%20percent&ea=%D0%A1%D0%BA%D1%80%D0%BE%D0%BB%D0%BB%D0%B8%D0%BD%D0%B3&el=%2Fusps%2Ffaq%2Fpostalexperience-com-pos-f175&_u=aGDAAAADQAAAAC~&jid=&gjid=&cid=1323375382.1621182550&tid=UA-39828003-10&_gid=631902472.1621182550&gtm=2wg5c15H5WRDX&z=1427901234

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 00:48:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56471
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 16 May 2021 16:29:11 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=1543620763&gjid=322578959&_gid=631902472.1621182550&_u=aGDAAAADQAAAAC~&z=1212181774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 16:29:11 GMT
content-type: text/plain
access-control-allow-origin: https://k2track.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BE87 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://k2track.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://k2track.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 15:09:39 GMT
expires: Mon, 16 May 2022 15:09:39 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4772
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame BE87 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 11471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=1543620763&_u=aGDAAAADQAAAAC~&z=1935819599

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39828003-10&cid=1323375382.1621182550&jid=1543620763&_u=aGDAAAADQAAAAC~&z=1935819599

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=1348560532284022&bg=!y8ilyIzNAAY59bwoOfU7ACkAdvg8Wk0iyXYZMV9DzVJPrhejMCQ69-y4OLTv-Kk2MgfuqBXmkx-bGQIAAABmUgAAAAtoAQcKARKytEGNP7LVh597rpA9r5K-PrVIbMzp2LeqDOjYvcKoMPo1RrBUfahCyCIWy7OhYQ3CipAFxYU453dkqnMgu-rQRhdLI01YFRRgr8OKDxyeKgMOKHob8Jzbpsvj_ENHPHW-mP35MQWaxdxF8hf2C4f6jVE5JiSRHhWypfa1ksRluLj6GL6ZEMVQvTYaQQLqNq97MgfwdkqcCSYTt7NK6RdFLjCGIbnRFqm0y8w1ZKGD-mTHtDgynjxRrN6JegjnIlNALCrJQjXUViSbTft7RpgAmkfPe4BvFeGPC-Gbj2V_fsGfPqvMPpw5ISgeHCIX9yHsaJVeutecGapny8LbZnTdu8Bi-hhbv8QD8o7A19UWC1-NmQJQVvJryJLV1SOJ8D-8CBLEBBzWNuUtW_QinE4aQBrmhrX3m89xa5V5RNXvXbu_OrU_OpKg5oEpVbfIViR8jVahQX3msMMNM5XqmShTDZc5ya0ovmXgZp3NmBk1wcIszJEG4y1IKs0Z49D-nnxUHnjxuh5ktDoR_-BUrZOhO1fNgBYZtYlFb4gqd9OwruVinbYnHjjz8ZiBSq31-U05aHVn8lSjAZ_13KcwmZGO-nLcgt5VSM9fyQQA9YV1e2ZrWsTfZgLHfmPqFqDzRmkEzxT3E39EdtUYeewSi5Ndg4ayjKuEe6N9li4rPG9luCAlqQ6RxYLYr2idFAj8SM8DpTLthd5iCPnc30AbyZWJixqvXVQ9xeddIz3L3lgjyNYPtWh8icxx2vEt6hFNlfZ9BTktMsWromgR74JiIZHnTNQTOIhEf8RTfVPKE7auzj__co8MNpqV3ICOxTRO-MRYPGz_fWsMMj-0vJRoVqyzqJr0VNC575ZOk2Y4eEZxbB466idin0Ud10vKMnXVdVfhXvltaefoeYmmSQGKb00Z_qFVSR5gt1xPsncZVk1rkf3Uid3-Rj27fU8diHLnM5IT3NkJxtnDDDrE4aKOzF03tyEycbi-HHv1KFAXfSIumlTy0UPm7TsuQKxtrNq9BOURGpWF0GIJcllHw5QgN-wJQ__DRNAj7y2XNjLLR2d4SvysnaR1ezcDw7E9ynutjrXOj6NvTxvCYETFitFilYnbB8P1Mr9_cBrvGj35u4eB0D9CHOdnOqsPtfhZsYJycvz01_F6lQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://k2track.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9910 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt1yNFifPvhG7Ydu1l3oT7guOQg2WgdJMT2OouW1JbBGiVQGnRuwYC-9yQW3PQqxHgeClWl3_5oEu-buJRI4dynmdwN8bvVjhgDh0R3ullsk30NA5cKMCBg1ozSg&sai=AMfl-YREqv5l7vQvL3b0ALinFiQriXEv5ZOzv6JEuheFCnE1opWKiUDEmeD36aiaU54J-GqgEN6mmrHdlsdp&sig=Cg0ArKJSzMe6cZ04ay-5EAE&id=lidar2&mcvt=1000&p=423,200,703,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1296487409&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621182549935&dlt=847&rpt=97&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 16:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:19:46	Name: DSID Value: NO_DATA
.k2track.com/	1970-01-20 03:41:18	Name: __gads Value: ID=d535ad86081a3c31-22e6cd5715c80002:T=1621182550:RT=1621182550:S=ALNI_MZuWBvcNKTpoZ5qCKBdh-VQFz75hQ
.k2track.com/	1970-01-19 18:19:42	Name: _gat_at0 Value: 1
k2track.com/	1970-01-19 18:19:44	Name: __atuvs Value: 60a1485527f64459000
k2track.com/	1970-01-19 18:29:47	Name: PHPSESSID Value: 561dl7evv3mjoc3goib422r1p5
k2track.com/	1970-01-20 03:49:56	Name: __atuvc Value: 1%7C20
.doubleclick.net/	1970-01-19 18:19:43	Name: test_cookie Value: CheckForPermission
.k2track.com/	1970-01-19 18:21:08	Name: _gid Value: GA1.2.631902472.1621182550
.doubleclick.net/	1970-01-20 03:41:18	Name: IDE Value: AHWqTUm_5VEyodBklckIz8NFx7fIIG9Ublq52X3NFEeAI9qWas7eFqiA1SMYp33n7Gk
.k2track.com/	1970-01-20 11:50:54	Name: _ga Value: GA1.2.1323375382.1621182550

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
k2track.com
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
104.236.218.249
172.217.23.98
184.30.24.121
2.18.235.40
2606:4700::6810:125e
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9b
03fde87b0823431c08268d31bf486851e42ba440334059929d9c761ea59ec7a8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
17f85badecb5fb53f429435f7e6095492b306b3dedc75a9a3f4f9fd9aaf39b43
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f3a785c3fb099a0dbe2058cf304862e12dfba2193317b85ab71bbc46e961d26
1fd63e1b13bc40057bbfc65ef7c24aee4002c4fe4201673b4bc5f6e218318005
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30982a8ee650ea4646a2186b093cc2f87c8c03764ea36ea512bc87cd9dcd7f3b
3524f19d8226ab5b5e0848258832fb47bfd37e9a08bfbaa828fcdf23d2198741
362d4c7f472f4d7703e57ff13afcd3508883caa6533a1c055806c753451f2b64
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
474e02e1ef4d28788ee4a7b144282f508257db6138b7d3f3a270daf52c3d35b2
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
60b23b2c5fe90e674d00b10cad7f7ed1bdf1820479631cdfdd6d338ccce1b050
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
616c9b85bb6ba9f5ae25e9a6f07e90e069dee10dbe893a047cc09c415b4f4e4a
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a2384235174e8a31dbf3a5d7df68cac4ff6c7cf18a8c8d9280acc6223d00bfa
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
825dec4050738ae3c8e32332d253bd96e8f2707c8756236b6211ffab131d4e25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
863371c22bb0d8fc8a52849810028d2d4e8501d8d43cd2b6aaf40b004dffb5a9
87f15b060ae48b97fb9c8f18ba669799f0d10c7657d3b396ec4d46c5cb2b8398
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
8aaf86e603cd290042b66fc9294bd864e5a9d038d4d91ce3d501b7035ab5c5e6
8e44376b735dcc9027acbcc8a0df64c3f886a23529eff27b022f344d719e90f2
927c5c042543f6f6de374e0382c75db98381285a6bcf6a1b014389040fb9934c
95c957f63ec5d6ec63830d11c297bfbad53ae08538d6e0f599f2ab8fac971f4d
9ef0fb66e6bec8d7e70fdbd790d8419984a718fa9ab3856e7f20f1028994d2ab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ab2c5f0e1e1f8fb3328e71db6b37af005b4f7531f2da230648360ee0c4faa4a3
ac85ef45e16cde93229fb2c4f42d383cfd7969f938fa7e6fc20bf8fd07561f48
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b3fd7ba796a9dc1012cb6302589c1703f588617dabd741c1ad352582f105c48b
b87c086edf82604a1a5d4892ea8b121d480c6570d0ab7be8464322312e60c2a7
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c4260a45c7d291006be05872872a62d56bb6e87ca910b686ccad63a825f7b37a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c86b3f2d4993dbe41195001ba3ae91fce1ab9fc220f2d83a63f8984d86c6f9c9
c8a0c0fcf0feb5bd08ce75c7a80c801a2fe60f28832a118d5eee7f76b82f1bd3
cd3324339f847262752cb6cbabe721d52cbc3f70099d6e47639807719ed55358
cfc7352dd50e276bb4a20f2720ca6ab52c9aea1d9c3dc9ccf6dfae718d3cb550
d2ccc54f1bec9b09d8417c121ce8e874ce16a67cff54d4153f8cb9c8c6cc3402
dc625d31981962f86ab2b38dfd769976c2a90689740aa3d72ab8f0f5375363c8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0e24e2e7ccdfd2a0aa6fedbce0a1f48fa791a3d103b1b89959dca6297ecc24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f732f1fbc21285892de5c6225952f44ab5198f87e551a548aa955307d75bb6f3

k2track.com Open in urlscan Pro 104.236.218.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

80 %IPv6

15 Domains

21 Subdomains

21 IPs

3 Countries

1407 kBTransfer

3196 kBSize

10 Cookies

0 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

k2track.com Open in urlscan Pro
104.236.218.249 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

21
Subdomains

21
IPs

3
Countries

1407 kB
Transfer

3196 kB
Size

10
Cookies

98 HTTP transactions
4 data transactions