platopost.com Open in urlscan Pro
50.116.95.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.shik.platopost.com/
Effective URL:
https://platopost.com/
Submission: On September 24 via automatic, source certstream-suspicious (September 24th 2021, 6:08:51 am UTC) — Scanned from DE

Summary HTTP 95 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 95 HTTP transactions. The main IP is 50.116.95.77, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is platopost.com.
TLS certificate: Issued by R3 on September 10th 2021. Valid for: 3 months.

This is the only time platopost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	50.116.95.77 50.116.95.77	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
11	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
9	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	3.208.91.221 3.208.91.221	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.192 143.204.101.192	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	172.253.120.157 172.253.120.157	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 4	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	34.102.149.62 34.102.149.62	15169 (GOOGLE) (GOOGLE)
4	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
5	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
16	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
95	18

20 50.116.95.77 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-116-95-77.unifiedlayer.com

www.shik.platopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.platopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.208.91.221 (Ashburn, United States) 10 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-91-221.compute-1.amazonaws.com

mlfk0me9cpl4.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-192.fra50.r.cloudfront.net

d5jmkjjpb7yfg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.120.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.149.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.149.102.34.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	338 KB
20	platopost.com 1 redirects www.shik.platopost.com platopost.com www.platopost.com	1 MB
10	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	104 KB
10	optimole.com 10 redirects mlfk0me9cpl4.i.optimole.com	1 KB
10	media.net contextual.media.net lg3.media.net navvy.media.net	111 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	119 KB
6	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	googletagservices.com www.googletagservices.com	144 KB
3	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googleadservices.com partner.googleadservices.com	403 B
1	cloudfront.net d5jmkjjpb7yfg.cloudfront.net	4 KB
95	13

	Domain	Requested by
18	platopost.com	platopost.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	platopost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	mlfk0me9cpl4.i.optimole.com	10 redirects
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	contextual.media.net	platopost.com contextual.media.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects platopost.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	lg3.media.net	platopost.com contextual.media.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	platopost.com www.google-analytics.com
1	navvy.media.net	contextual.media.net
1	www.platopost.com	platopost.com
1	www.google.de	platopost.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	d5jmkjjpb7yfg.cloudfront.net	platopost.com
1	www.shik.platopost.com	1 redirects
95	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.pinterest.com
twitter.com
www.youtube.com
instagram.com
pinterest.com

Subject Issuer	Validity	Valid
*.zeyncraft.com R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://platopost.com/
Frame ID: 382D5CCB0F4132F9B5C0549DA9D32AD2
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 12CCD224C7A8BE41E47EE8765DAC8B94
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU826FK3&https=1&itype=CM
Frame ID: CA5B576E9F3A742E35C9A958C25965D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&adk=1812271804&adf=3025194257&lmt=1632463726&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplatopost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725908&bpp=2&bdt=617&idt=148&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4498804957696&frm=20&pv=2&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177
Frame ID: A0E72CC8642BED0469AA4E98244FF0EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174
Frame ID: A04D608AFBAD39939DF2DCD96E25B31C
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV2172.js
Frame ID: 1AFB6155BF21B9E3CD1C66C95197F66B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19
Frame ID: 34F9C6ADBEE2BDCAC42F0D421209DE69
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: A0F1E01192EA471E8C048189F8392C3F
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D3ECEC02AED78A22BB72090EC3FDA657
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C3D765C4AC58F66BBDD6DFE4D80F96C0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: DDB186D586FB990BB8B96932CF7A1673
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: C5E6059CDD37DFD05EB3AFA7C529C46E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: F225BD533B73787ECB94D2B2AD424B6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8B787A0A6A22DFB392ABF4AD21CA7E7A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5926A4BD4827350BB292AF6263558AB6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PlatoPost International Student Resources - Plato Post

Page URL History Show full URLs

https://www.shik.platopost.com/ HTTP 301
https://platopost.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

95
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

18
IPs

2
Countries

1963 kB
Transfer

4878 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/platopost/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/platopst/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/platopost/

Search URL Search Domain Scan URL

URL: https://twitter.com/platopost

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdw_Sg_1JOpDq5o8JZg0OBQ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/platopost
Title: Like

Search URL Search Domain Scan URL

URL: https://instagram.com/platopst
Title: Follow

Search URL Search Domain Scan URL

URL: https://pinterest.com/platopost
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.shik.platopost.com/ HTTP 301
https://platopost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://mlfk0me9cpl4.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js HTTP 301
https://d5jmkjjpb7yfg.cloudfront.net/js-lib/v2/latest/optimole_lib_no_poly.min.js

Request Chain 32

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png HTTP 301
https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png

Request Chain 33

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg HTTP 301
https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg

Request Chain 34

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/03/image_0.jpg HTTP 301
https://platopost.com/wp-content/uploads/2020/03/image_0.jpg

Request Chain 35

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/02/image_0.jpg HTTP 301
https://platopost.com/wp-content/uploads/2020/02/image_0.jpg

Request Chain 36

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2019/11/Studying.jpg HTTP 301
https://platopost.com/wp-content/uploads/2019/11/Studying.jpg

Request Chain 37

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:348/q:auto/https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png HTTP 301
https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png

Request Chain 38

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:435/q:auto/https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg HTTP 301
https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg

Request Chain 39

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:392/q:auto/https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg HTTP 301
https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg

Request Chain 40

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:254/q:auto/https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png HTTP 301
https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

95 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
platopost.com/
Redirect Chain

https://www.shik.platopost.com/
https://platopost.com/

380 KB
104 KB

2592ms
2069ms

Document
text/html

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 5b224ed5b43501d0f3d7dce3e76f70d10514a9e28b673e4396c667ae0977e16a

Request headers

:method: GET
:authority: platopost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 24 Sep 2021 06:08:43 GMT
server: Apache
link: <https://platopost.com/wp-json/>; rel="https://api.w.org/", <https://platopost.com/wp-json/wp/v2/pages/4874>; rel="alternate"; type="application/json", <https://platopost.com/>; rel=shortlink, </wp-content/cache/minify/818c0.js>; rel=preload; as=script, </wp-content/cache/minify/96c94.js>; rel=preload; as=script, </wp-content/cache/minify/1615d.js>; rel=preload; as=script, </wp-content/cache/minify/35bdf.css>; rel=preload; as=style, </wp-content/cache/minify/14f92.css>; rel=preload; as=style, </wp-content/cache/minify/ac4e2.css>; rel=preload; as=style
vary: Accept-Encoding
cache-control: max-age=3600
expires: Fri, 24 Sep 2021 07:08:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8
push-policy: default

Redirect headers

date: Fri, 24 Sep 2021 06:08:41 GMT
server: Apache
x-redirect-by: WordPress
vary: Accept-Encoding
location: https://platopost.com/
cache-control: max-age=3600
expires: Fri, 24 Sep 2021 07:08:41 GMT
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 818c0.js Show response
platopost.com/wp-content/cache/minify/ 98 KB
34 KB 237ms
0ms Script
application/x-javascript 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/818c0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: a2759e9632fdef7ecd7daa00e87ec1c8345a57be7425b87b649603382cdf007b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 00:55:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34204
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 96c94.js Show response
platopost.com/wp-content/cache/minify/ 263 KB
64 KB 238ms
0ms Script
application/x-javascript 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/96c94.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: a09669d16e5ce5f8d232e16733891c4a3918d7c78d6c88e8a392d18dd0917212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Sep 2021 00:48:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65426
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 1615d.js Show response
platopost.com/wp-content/cache/minify/ 6 KB
2 KB 236ms
0ms Script
application/x-javascript 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/1615d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 00:55:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2356
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 35bdf.css
platopost.com/wp-content/cache/minify/ 62 KB
11 KB 237ms
0ms Stylesheet
text/css 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/35bdf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 848d1e7ae47aa43edac6c3478c07892338a6557da80e9d2841274226c16c09e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 00:55:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10785
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 14f92.css
platopost.com/wp-content/cache/minify/ 111 KB
20 KB 237ms
0ms Stylesheet
text/css 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/14f92.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: a2b52662dbb263094b4c1605aa4dae262141d13c36a061909f15ed4b3db73d78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 00:55:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20187
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 ac4e2.css
platopost.com/wp-content/cache/minify/ 877 KB
90 KB 237ms
0ms Stylesheet
text/css 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/cache/minify/ac4e2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: cff8489093931cd63f94f31addecc0582b26d8628c3adb797e148a81cf8b27ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 00:55:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 91740
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 lazyload.min.js Show response
platopost.com/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
3 KB 458ms
458ms Script
application/x-javascript 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

:path: /wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Sep 2021 05:44:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2563
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 53ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

373026f153c82fe11205cdeb77a88b9902954b8d7b25687707aed67fa881239d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49937
x-xss-protection: 0
server: cafe
etag: 5331106662363078800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 06:08:45 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 142 KB
48 KB 60ms
31ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU826FK3

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eed064ee0a63bc3d81e4d2a6c1fc80a155d135d2dce25f0cf3196b55e9adedb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mnt-h: 10-6
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "31e8813b0137825a755b9bcb7fa66fb6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Fri, 24 Sep 2021 06:08:45 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-13
expires: Fri, 24 Sep 2021 06:13:45 GMT

GET
H2

200

optimole_lib_no_poly.min.js Show response
d5jmkjjpb7yfg.cloudfront.net/js-lib/v2/latest/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/js-lib/v2/latest/optimole_lib_no_poly.min.js
https://d5jmkjjpb7yfg.cloudfront.net/js-lib/v2/latest/optimole_lib_no_poly.min.js

11 KB
4 KB

50ms
7ms

Script
application/javascript

143.204.101.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5jmkjjpb7yfg.cloudfront.net/js-lib/v2/latest/optimole_lib_no_poly.min.js
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-192.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 147678c10a2683dfe3e4bc2cc613a0f083e3a61e70e8cb08cc04f57a6c26cd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 12 May 2021 14:25:23 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 14:24:21 GMT
server: AmazonS3
age: 11634204
etag: W/"8650f7075f59715a5131d5f34cd31f60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pgO4Jj5RffxvxvAMKj269cyQ1TaFTTtFnBGCYOUnQbJBm_dFL87nZA==

Redirect headers

location: https://d5jmkjjpb7yfg.cloudfront.net/js-lib/v2/latest/optimole_lib_no_poly.min.js
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4605
date: Fri, 24 Sep 2021 04:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 24 Sep 2021 06:52:00 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper.woff
platopost.com/wp-content/themes/Newspaper/images/icons/ 121 KB
68 KB 141ms
141ms Font
application/font-woff 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://platopost.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?17
Requested by: Host: platopost.com
URL: https://platopost.com/wp-content/cache/minify/14f92.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?17
pragma: no-cache
origin: https://platopost.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: platopost.com
referer: https://platopost.com/wp-content/cache/minify/14f92.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://platopost.com/wp-content/cache/minify/14f92.css
Origin: https://platopost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: Apache
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 06:08:45 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200201/ 254 KB
94 KB 34ms
33ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4668011150665668&plah=platopost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

eb586ed69c33c5d94c1a8cc20eabc1c40ab0f64f113ff0b2bfdc86c5649a28a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96516
x-xss-protection: 0
server: cafe
etag: 10029732518467611810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 06:08:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 12CC 10 KB
5 KB 28ms
6ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Sep 2021 05:23:04 GMT
expires: Fri, 08 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 2741
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
14ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=512110323&t=pageview&_s=1&dl=https%3A%2F%2Fplatopost.com%2F&ul=en-us&de=UTF-8&dt=PlatoPost%20International%20Student%20Resources%20-%20Plato%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1540765760&gjid=508019382&cid=205861954.1632463726&tid=UA-93017583-1&_gid=1801873788.1632463726&_r=1&_slc=1&z=751783786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://platopost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 06:08:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://platopost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements.png
platopost.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 132ms
131ms Image
image/png 50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: platopost.com
URL: https://platopost.com/wp-content/cache/minify/ac4e2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/wp-content/cache/minify/ac4e2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/wp-content/cache/minify/ac4e2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Apr 2020 04:37:45 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4324
expires: Sat, 24 Sep 2022 06:08:46 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 78 KB
25 KB 419ms
418ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU826FK3&cpcd=A-FY9Apkn6jUo3eeV5Jd0A%3D%3D&crid=684651032&size=300x250&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fplatopost.com%2F&nse=5&vi=1632463725995180175&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU826FK3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

50440adad8084370bd4c9c2d41989284be961bbab1c2ec13a3be1875d62302e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-3
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
date: Fri, 24 Sep 2021 06:08:46 GMT
x-mnt-w: 21-7xdz, 21-mzb7
content-length: 25605
expires: Fri, 24 Sep 2021 06:08:46 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame CA5B 15 KB
6 KB 46ms
46ms Document
text/html 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU826FK3&https=1&itype=CM

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f47bb05e7d966c232b0ddd69a6b6374d25177676c3e2f0ad5253f9e29b1b3618

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU826FK3&https=1&itype=CM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Mon, 28 Mar 2022 06:08:46 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 26 Sep 2021 06:08:46 GMT
date: Fri, 24 Sep 2021 06:08:46 GMT
content-length: 5706

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 28ms
11ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU826FK3&crid=684651032&vi=1632463725995180175&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781044&r=1632463726030&requrl=https%3A%2F%2Fplatopost.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=33438&vgd_rakh=1632463725107340265&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p01922177812t202109240608&vgd_pgids=1&vgd_uspa=0&hvsid=00001632463726024036324930567569&gdpr=1&vgd_end=1

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Fri, 24 Sep 2021 06:08:46 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 24 Sep 2021 06:08:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
461 B 44ms
14ms XHR
text/plain 172.253.120.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-93017583-1&cid=205861954.1632463726&jid=1540765760&gjid=508019382&_gid=1801873788.1632463726&_u=YEBAAEAAAAAAAC~&z=1258891805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.120.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wd-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://platopost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Sep 2021 06:08:46 GMT
content-type: text/plain
access-control-allow-origin: https://platopost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
403 B 17ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=platopost.com&callback=_gfp_s_&client=ca-pub-4668011150665668

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4668011150665668&plah=platopost.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e0cec9b2940d313bcba9f626751d67949db71537a004a44454880783d496d8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=platopost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
16ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=platopost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0E7 170 KB
41 KB 421ms
406ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&adk=1812271804&adf=3025194257&lmt=1632463726&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplatopost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725908&bpp=2&bdt=617&idt=148&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4498804957696&frm=20&pv=2&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d5cf1c11b3db6768cffbf37eea20b58f111f576d68015bf81e035d2a42e6f49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4668011150665668&output=html&adk=1812271804&adf=3025194257&lmt=1632463726&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplatopost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725908&bpp=2&bdt=617&idt=148&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4498804957696&frm=20&pv=2&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Sep 2021 06:08:46 GMT
server: cafe
content-length: 41805
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Sep-2021 06:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 06:08:46 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 43ms
21ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 06:08:46 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 42ms
19ms Image
image/gif 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-93017583-1&cid=205861954.1632463726&jid=1540765760&_u=YEBAAEAAAAAAAC~&z=1671324781

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 06:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 40ms
18ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-93017583-1&cid=205861954.1632463726&jid=1540765760&_u=YEBAAEAAAAAAAC~&z=1671324781

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 06:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A04D 75 KB
26 KB 654ms
653ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8d12b955fc736e66f7261e5dbc0a7abbe8b633c96fc4851fd6b1b53fef051b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Sep 2021 06:08:46 GMT
server: cafe
content-length: 26876
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Sep-2021 06:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 06:08:46 GMT
cache-control: private

GET
H2

200

Plato_Post_final272.png
www.platopost.com/wp-content/uploads/2018/05/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png
https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png

2 KB
3 KB

292ms
167ms

Image
image/png

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: db52439157b2bd75d5c0cf2a6954843cfae078309b613258e3d1fced4763f211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Jan 2019 05:48:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2528
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://www.platopost.com/wp-content/uploads/2018/05/Plato_Post_final272.png
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

image_0-1.jpg
platopost.com/wp-content/uploads/2020/03/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg
https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg

38 KB
38 KB

169ms
168ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 7c208f3451e4fa207036cce55be5c4cd3563386f3a864bbed1c07da1e5846ef8

Request headers

:path: /wp-content/uploads/2020/03/image_0-1.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Mar 2020 16:52:38 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38979
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2020/03/image_0-1.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

image_0.jpg
platopost.com/wp-content/uploads/2020/03/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/03/image_0.jpg
https://platopost.com/wp-content/uploads/2020/03/image_0.jpg

95 KB
96 KB

129ms
128ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2020/03/image_0.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 4a90d0866dec880a28084299c4e244736e91bba8eec3aecbeeb566e28a7d9c28

Request headers

:path: /wp-content/uploads/2020/03/image_0.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Mar 2020 18:58:31 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 97483
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2020/03/image_0.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

image_0.jpg
platopost.com/wp-content/uploads/2020/02/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2020/02/image_0.jpg
https://platopost.com/wp-content/uploads/2020/02/image_0.jpg

21 KB
21 KB

128ms
127ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2020/02/image_0.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: d281b09745f8f16e0d457b034405c2badc853d0e66a8a2968d107a8067b65732

Request headers

:path: /wp-content/uploads/2020/02/image_0.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 23:06:14 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21698
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2020/02/image_0.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

Studying.jpg
platopost.com/wp-content/uploads/2019/11/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:auto/h:auto/q:auto/https://platopost.com/wp-content/uploads/2019/11/Studying.jpg
https://platopost.com/wp-content/uploads/2019/11/Studying.jpg

369 KB
372 KB

169ms
169ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2019/11/Studying.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 6df13880e4c9f5bbbc14cd449cca8b447a13a9ac76498da81dd4c27b07ee69a7

Request headers

:path: /wp-content/uploads/2019/11/Studying.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Nov 2019 17:24:10 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 377735
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2019/11/Studying.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

godaddy-domain-auctions.png
platopost.com/wp-content/uploads/2017/05/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:348/q:auto/https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png
https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png

22 KB
22 KB

129ms
128ms

Image
image/png

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 5745757593203cb3a222d3e3c37ed39c1b66d800222c4f9111fa2c9db2d54fdd

Request headers

:path: /wp-content/uploads/2017/05/godaddy-domain-auctions.png
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Jan 2019 06:06:02 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22675
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2017/05/godaddy-domain-auctions.png
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

BT-Panorama-Shines-at-Technology-Awards-2017.jpg
platopost.com/wp-content/uploads/2017/03/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:435/q:auto/https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg
https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg

75 KB
75 KB

168ms
168ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: 7a237010c84fcd29a161c3706a968376777e647af07145576befa4107e46717c

Request headers

:path: /wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Jan 2019 06:07:54 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76582
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2017/03/BT-Panorama-Shines-at-Technology-Awards-2017.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg
platopost.com/wp-content/uploads/2018/05/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:392/q:auto/https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg
https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg

44 KB
44 KB

168ms
168ms

Image
image/jpeg

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: debec66396d52822e60c10199fb4912671baefa9c883d1384bad6249f306abad

Request headers

:path: /wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Jan 2019 05:48:19 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 45116
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2018/05/10-Tips-to-Increase-Your-Airbnb-Rating-2-min.jpg
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2

200

Critical-AMP-Issues-Spotted-on-Search-Console-min.png
platopost.com/wp-content/uploads/2018/02/
Redirect Chain

https://mlfk0me9cpl4.i.optimole.com/435cp5o.jtje~3f90d/w:696/h:254/q:auto/https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png
https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png

46 KB
47 KB

201ms
201ms

Image
image/png

50.116.95.77
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png
Requested by: Host: platopost.com
URL: https://platopost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.95.77 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-95-77.unifiedlayer.com
Software: Apache /
Resource Hash: cbbedc4b6dd1d7413a821121014e09de6b1b4d9e30b0a5e4e447826f0ddafedb

Request headers

:path: /wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png
pragma: no-cache
cookie: _ga=GA1.2.205861954.1632463726; _gid=GA1.2.1801873788.1632463726; _gat=1; session_depth=platopost.com%3D1%7C684651032%3D1; __gads=ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: platopost.com
referer: https://platopost.com/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Jan 2019 05:54:34 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 47562
expires: Sat, 24 Sep 2022 06:08:46 GMT

Redirect headers

location: https://platopost.com/wp-content/uploads/2018/02/Critical-AMP-Issues-Spotted-on-Search-Console-min.png
date: Fri, 24 Sep 2021 06:08:46 GMT
server: fasthttp
content-length: 0
x-redirect-o: 7

GET
H2 200 nrrV2172.js Show response
contextual.media.net/4a/ Frame 1AFB 91 KB
30 KB 19ms
18ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV2172.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU826FK3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fa023c475d34f145800df65815557833824b8d8394804b1f3bfbd9906feef758

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "9978b7063e297d84bb2ac8e46c1c845f"
vary: Accept-Encoding
x-mnet-h: 8-8
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Fri, 24 Sep 2021 06:08:46 GMT
content-length: 30044
expires: Fri, 08 Oct 2021 06:08:46 GMT

GET
H2 200 1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame 1AFB 42 B
204 B 8ms
8ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800028474/1x1.gif

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
last-modified: Mon, 04 Jun 2018 10:04:19 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=281544
accept-ranges: bytes
content-length: 42
expires: Mon, 27 Sep 2021 12:21:10 GMT

GET
DATA 200
OK truncated
/ Frame 1AFB 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1AFB 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet13.woff
contextual.media.net/__media__/fonts/bullet13/ Frame 1AFB 2 KB
2 KB 24ms
9ms Font
application/font-woff 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet13/bullet13.woff

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://platopost.com/
Origin: https://platopost.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1692
expires: Sat, 25 Sep 2021 06:08:46 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 1AFB 15 B
216 B 9ms
7ms Script
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001632463726024036324930567569&geo=50.12|8.68&dlper=25&lper=100&fp=_NgUho9b7X7EF2aVZUAIspSBGG2E6BMfGavdTBhuJUBtQ2lSC1zVv55vP9Vw40b5W4nrkaweYJXrWhSad-zuqivaDwj3vQc_Oj4NrO6cKGKimJRfnN9eGAZyJPNFpaOn&lpid=&tsid=1&q=&prv=&type=&ps=&cme=XVK9LqZbwBgefhVrgJ-fO6u8IQRdw9DJFXzQMWBlh6vd_8rRf3ftpUyI41Lc-RsifuyIJ3mMuwB5yk4In1PruJClToUCswmBewCwAnwlmWhqAsQjnCGYi32OWGpwWc3PjZXPM6ToRU9gk8IllY0MeJaEkAlRFV57nVEL3Sq8EodN3b-bU6QKXHQ5nnYcL5VUV36EA3j6VPL0d87w-_8dIVmy7XCWoqeaAwVpGCslI8E%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaF_amUgqDlHywaZOL2mbfkCiZe8vfOHt3M%3D%7CN7fu2vKt8_s%3D%7Cqu_fwwVQwrgzQhMI3UIfj03P9BWA9OuxSq7xPzR8cOx2_XAxm6sH3TAKU9YHkDOkqBCqk9giKNSiQcgq8Le_nJ7eAM-RqqxeFS_u64jqgAc4mCMpmNuCFp0PeY2vqXqm2vxetXJHYyQvG3DwPEZG82x6RXdC_JYu2jVhKVffd3AIiAZUaDeuBEnUn5lRk_pc7ig4pNoX28RgVvukNqkr04F6F2pa49GR%7C&hint=&td=&cc=DE&wsip=170721612&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=fuoyxQBuG&vgde_setid=Nfu&&rc=0&ksu=207&fdkt=267&kwd[]=My%20Grade%20Book&kwt[]=267&kbc[]=87778&kwp[]=1&kid[]=19995250&kbc2[]=87778%7C%7C%7C%7Cps%3D0.622%7C%7Crpc%3D0.64%7C%7Clvl%3D1.00&ktd[]=824650563840&kwd[]=New%20Medical%20Schools&kwt[]=267&kbc[]=87778&kwp[]=2&kid[]=20413917&kbc2[]=87778%7C%7C%7C%7Cps%3D0.622%7C%7Crpc%3D1.00%7C%7Clvl%3D1.00&ktd[]=274911527168&kwd[]=Back%20to%20School%20Supply%20List&kwt[]=267&kbc[]=87778&kwp[]=3&kid[]=46013026&kbc2[]=87778%7C%7C%7C%7Cps%3D0.622%7C%7Crpc%3D0.05%7C%7Clvl%3D1.00&ktd[]=274911527168&kwd[]=Lunch%20Ideas%20for%20Kids&kwt[]=267&kbc[]=87778&kwp[]=4&kid[]=18044775&kbc2[]=87778%7C%7C%7C%7Cps%3D0.622%7C%7Crpc%3D0.60%7C%7Clvl%3D1.00&ktd[]=274911527168&kwd[]=Top%20Medical%20Schools&kwt[]=267&kbc[]=87778&kwp[]=5&kid[]=28651001&kbc2[]=87778%7C%7C%7C%7Cps%3D0.622%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274911527168&rand=1632463726494&cid=8CU826FK3&vwid=1632463725995180175&vi=1632463725995180175&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=HE&vgd_l1rakh=1632463725107340265&vgd_l1rhst=contextual.media.net&vgd_lhl=877&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_ifrmode=00&sttm=1632463726024&upk=1632463726.11129&hvsid=00001632463726024036324930567569&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D33438&vgd_isiolc=1&pid=8PO7H45SR&katen=1&pc=10&vgd_pgid=p01922177812t202109240608&matm=1632463726500&vgd_ltime=487&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D33438&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=HE&vgd_l1ch=1&vgd_katid=807056982&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D10&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=170721638&vgd_nrrsf=nrr&vgd_nrrv=2172&vgd_nrrs=2172&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-684651032%7CDIV&vgd_x_pos=1040&vgd_y_pos=578&vgd_ren_page_h=5655&vgd_cty=FRANKFURT&vgd_l1hcsd=N6%7C6328&vgd_sethcsd=N3%7C6273&vgd_cfud=200219&vgd_is_amp=0&vgd_icat=52&vgd_spcat=500283&vgd_optout=0&vgd_l2ch=1&vgd_ect=4g&vgd_rensize=336_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_mbr=1&vgd_l1rpth=%2Fdmedianet.js&vgd_pgids=1&requrl=https%3A%2F%2Fplatopost.com&oRurl=http%3A%2F%2Fcdn3gor%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DDE%26isOffice%3D0%26fvips%3D0%26vi%3D1632463725995180175%26esi%3D1%26size%3D300x250%26crid%3D684651032%26vpf%3D000%26cid%3D8CU826FK3%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DA-FY9Apkn6jUo3eeV5Jd0A%253d%253d%26nb%3D1%26cb%3Dwindow._mNDetails.initAd%26gdpr%3D1%26pid%3D8PO7H45SR%26requrl%3Dhttps%253a%252f%252fplatopost.com%26%26katid%3D807056982%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2172.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Fri, 24 Sep 2021 06:08:46 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Fri, 24 Sep 2021 06:08:46 GMT

POST
H2 200 log
navvy.media.net/ Frame 1AFB 35 B
207 B 208ms
161ms Ping
image/gif 34.102.149.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV2172.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.149.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.149.102.34.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://platopost.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 06:08:46 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 35
expires: Fri, 24 Sep 2021 06:08:46 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200201/ 145 KB
52 KB 40ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200201/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

a1bb8c132ee1e4dc6b4d970f36be01513ceef56c746b191d43d04a4294d5150c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53026
x-xss-protection: 0
server: cafe
etag: 3081738290259803788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Sep 2021 06:08:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=platopost.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=platopost.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 06:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F9 82 KB
27 KB 860ms
859ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

55a668216a280b19df0bef989175d024f42e33cb1ed711d8ae0a14f4b90cfc28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Sep 2021 06:08:47 GMT
server: cafe
content-length: 27345
x-xss-protection: 0
set-cookie: IDE=AHWqTUlVqxWxX-IUg5p3Fw3C5EZUfxh38JMoevg59AkAM77l00EUy_yM-coL8mRZDAk; expires=Wed, 19-Oct-2022 06:08:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 06:08:47 GMT
cache-control: private

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame A0F1 10 KB
5 KB 7ms
6ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Sep 2021 06:24:23 GMT
expires: Thu, 07 Oct 2021 06:24:23 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 85463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame A0F1 4 KB
1 KB 371ms
22ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 05:53:20 GMT
server: ESF
date: Fri, 24 Sep 2021 06:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A0F1 205 B
765 B 356ms
6ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 21:04:08 GMT
x-content-type-options: nosniff
age: 119079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Sep 2022 21:04:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A0F1 604 B
695 B 356ms
7ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:55:15 GMT
x-content-type-options: nosniff
age: 119612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Sep 2022 20:55:15 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame A0F1 17 KB
8 KB 357ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
server: cafe
etag: 7151105853351230339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 06:05:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A04D 3 KB
651 B 17ms
16ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 05:51:45 GMT
server: ESF
date: Fri, 24 Sep 2021 06:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame A04D 1 KB
879 B 27ms
9ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:39:59 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame A04D 18 KB
7 KB 23ms
8ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:27:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame A04D 3 KB
1 KB 22ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:06:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A04D 128 KB
39 KB 37ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame A04D 14 KB
6 KB 21ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:41:10 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame A04D 27 KB
11 KB 23ms
8ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A04D 0
0 30ms
30ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-r--bmtNYdutCIbk7_UPirCImAT3s8DUY-2Jjc_1Da_98_0IEAEg2ub5TWCVgoCAwAegAbbG-bcDyAEBqAMByAPLBKoEtgFP0NjztQP_jAhcXQYWQDC_pCUA9eE3A1oZnXShXQADPF3pw3i3vGqH1qxde9GDozuYmlfWHv01hed5N2dEtrYQepvIiJoYCtX-mqbTU2W39vxRgA96NEID4Pd2PaWb4kTOrV8NjxIvctwE7vdgXXlsjCGMnIFQZBBIjvFTkWOwR0Y6Ob8PnocHAUbREWG4lIU3j6ZEBBvL3vVcl0Xm5yCF_sqLtHnRgzBbTS-Z1pib9iqTKjTzz8AE3YPXjs0DkgUECAQYAZIFBAgFGASAB7K5hkioB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEMCVGNIICQiA4YBwEAEYH4AKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjY4MDExMTUwNjY1NjY4GAA&sigh=W0qa2HE-8Tc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 24 Sep 2021 06:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D3EC 3 KB
578 B 51ms
27ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 05:52:45 GMT
server: ESF
date: Fri, 24 Sep 2021 06:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame D3EC 1 KB
879 B 7ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:39:59 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame D3EC 18 KB
7 KB 7ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:27:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame D3EC 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:06:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3EC 128 KB
39 KB 18ms
18ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame D3EC 14 KB
6 KB 7ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:41:10 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame D3EC 27 KB
11 KB 7ms
7ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3D7 143 B
163 B 7ms
6ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmYdzWQv32A6ZbZZ4bADZQ0rUtH-i-C-OuKYG_Dngvn7SpiDkBfRHhuWwbw69Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=90&slotname=8453539353&adk=3850326021&adf=335398692&pi=t.ma~as.8453539353&w=728&lmt=1632463726&psa=0&format=728x90&url=https%3A%2F%2Fplatopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463725942&bpp=4&bdt=651&idt=169&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UuJS390GZJ&p=https%3A//platopost.com&dtd=174

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 24 Sep 2021 06:00:06 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A04D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24b7b020e923c6fbe78cc9856385a7ba026f3501b0a9cc54166f6acce89b313c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A04D 21 KB
22 KB 29ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:16:07 GMT
x-content-type-options: nosniff
age: 211960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Sep 2022 19:16:07 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A04D 21 KB
21 KB 33ms
12ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 296538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:46:29 GMT

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame DDB1 35 KB
13 KB 8ms
7ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 19:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 19:48:14 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C3D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmYdzWQv32A6ZbZZ4bADZQ0rUtH-i-C-OuKYG_Dngvn7SpiDkBfRHhuWwbw69Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Sep 2021 06:08:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 24-Sep-2021 07:08:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Sep 2021 06:08:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Sep 2021 06:08:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame C5E6 35 KB
13 KB 7ms
7ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 19:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 19:48:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 34F9 3 KB
578 B 25ms
25ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 05:53:57 GMT
server: ESF
date: Fri, 24 Sep 2021 06:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 34F9 1 KB
879 B 6ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:39:59 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 34F9 18 KB
7 KB 6ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:27:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 34F9 3 KB
1 KB 7ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:06:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F9 128 KB
39 KB 21ms
21ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 34F9 14 KB
6 KB 8ms
8ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 05:41:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 34F9 0
0 14ms
14ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTraKP7AR69IoqgX8fUx5VEKSvjSV9Xg2tAtrKf5pYPanhJygfill_Dp2lOJywb5GbcnfNY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 34F9 27 KB
11 KB 6ms
6ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15096166334386794064/ Frame 34F9 14 KB
14 KB 7ms
7ms Image
image/jpeg 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15096166334386794064/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

b2d4aa1461ca502afc069a97d87913f02e980241d7fd08e3bb1a44c664df6b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 10:49:18 GMT
x-content-type-options: nosniff
age: 328769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14778
x-xss-protection: 0
last-modified: Mon, 18 Feb 2019 14:54:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 10:49:18 GMT

GET
DATA 200
OK truncated
/ Frame 34F9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34F9 0
0 30ms
30ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO_l4bmtNYeyQJZ_H7_UPqPec4Amo-6y6Yf7xqpXiCsbrrb6NDhABINrm-U1glYKAgMAHoAGHu5qyA8gBCakCCS3BnDmysz6oAwHIA8sEqgS_AU_QGrdCbU3jlL7OYDd3QSwwaUw-BtJkFsFJ-80hvqWmT_YYjxEL4IS9H4Pe5qFwuYNt032ejIVdQ9xSWAIxsZu64GhxxXB6n8eW0CENWYA4TsWgQLgNH3fdN46eTS-UzlJiKXZHp4vovaqgnTphNC6JNZ2JSX-O3VU9aEUhXyU5ed0fdFRXpryjHGyp13i-RqokWSufkyz7BuUyIIJ045kV4M89FVWuOr_PUrKf1x44CVaA2KxxDPenAHKXFJbjwASc07zKwAKSBQQIBBgBkgUECAUYBKAGLoAH4cTlTagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQ6tUG0ggJCIDhgHAQARgfgAoByAsBuBOIJ9gTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjY4MDExMTUwNjY1NjY4GAA&sigh=TOJF63Ab9bk&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4668011150665668&output=html&h=280&adk=718168383&adf=4145038420&pi=t.aa~a.3864170580~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632463726&rafmt=1&to=qs&pwprc=6332565929&psa=0&format=1200x280&url=https%3A%2F%2Fplatopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632463726569&bpp=2&bdt=1278&idt=2&shv=r20210922&mjsv=m202109200201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D87563bad587e49f3-2228135248c9005c%3AT%3D1632463726%3ART%3D1632463726%3AS%3DALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA&prev_fmts=0x0%2C728x90&nras=2&correlator=4498804957696&frm=20&pv=1&ga_vid=205861954.1632463726&ga_sid=1632463726&ga_hid=512110323&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060047%2C31060566%2C31062920&oid=3&pvsid=1461754569456142&pem=952&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tfiyi61o94&p=https%3A//platopost.com&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 24 Sep 2021 06:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 7ms
7ms Image
text/javascript 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO7H45SR&katid=807056982&kals=ttype%3D10007%7C%7Cpc%3D10&katen=1&pc=10&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=XVK9LqZbwBgefhVrgJ-fO6u8IQRdw9DJFXzQMWBlh6vd_8rRf3ftpUyI41Lc-RsifuyIJ3mMuwB5yk4In1PruJClToUCswmBewCwAnwlmWhqAsQjnCGYi32OWGpwWc3PjZXPM6ToRU9gk8IllY0MeJaEkAlRFV57nVEL3Sq8EodN3b-bU6QKXHQ5nnYcL5VUV36EA3j6VPL0d87w-_8dIVmy7XCWoqeaAwVpGCslI8E=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaF_amUgqDlHywaZOL2mbfkCiZe8vfOHt3M=|N7fu2vKt8_s=|qu_fwwVQwrgzQhMI3UIfj03P9BWA9OuxSq7xPzR8cOx2_XAxm6sH3TAKU9YHkDOkqBCqk9giKNSiQcgq8Le_nJ7eAM-RqqxeFS_u64jqgAc4mCMpmNuCFp0PeY2vqXqm2vxetXJHYyQvG3DwPEZG82x6RXdC_JYu2jVhKVffd3AIiAZUaDeuBEnUn5lRk_pc7ig4pNoX28RgVvukNqkr04F6F2pa49GR|&gdpr=1&prid=8PRHGG6T9&cid=8CU826FK3&crid=684651032&requrl=https%3A%2F%2Fplatopost.com%2F&vi=1632463725995180175&ugd=4&cc=DE&sc=HE&startTime=1632463726019&l2type=setting&vgd_l1rakh=1632463725107340265&l1ch=1&sttm=1632463726024&upk=1632463726.11129&hvsid=00001632463726024036324930567569&verid=3121199&vgd_sc=HE&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N6|6328&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&l2ch=1&l2wsip=170721638&sethcsd=set!N3%7C6273&vgd_pgid=p01922177812t202109240608&vgd_pgids=1

Requested by

Host: platopost.com
URL: https://platopost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Fri, 24 Sep 2021 06:08:47 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
DATA 200
OK truncated
/ Frame 34F9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d827e7f6486b62652f86df35c29b13bb2d05eddbbd80e2a5ba3c8c011b0802b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 34F9 21 KB
21 KB 22ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 296538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:46:29 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 34F9 21 KB
21 KB 20ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:16:07 GMT
x-content-type-options: nosniff
age: 211960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Sep 2022 19:16:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 43ms
28ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

729c0a46c996c71be8b262a10f2425dde9a5d454754eee706bb83214089c79d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Sep 2021 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8610
x-xss-protection: 0

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame F225 35 KB
13 KB 7ms
6ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 19:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 19:48:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 06:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 24 Sep 2021 06:08:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8B78 12 KB
5 KB 7ms
7ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 24 Sep 2021 05:23:27 GMT
expires: Sat, 24 Sep 2022 05:23:27 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5926 783 B
534 B 17ms
17ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

bac5cc9afa75eaaf5f1f9216e01be52b385c04cc178b9e690666b04bea4dbb92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X9XCzjuBW3a/etrX+w/vgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://platopost.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 24 Sep 2021 06:08:47 GMT
date: Fri, 24 Sep 2021 06:08:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-X9XCzjuBW3a/etrX+w/vgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B78 35 KB
13 KB 7ms
7ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 19:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 19:48:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5926 0
0 60ms
59ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=1461754569456142&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=1461754569456142&bg=!PT6lPnrNAAZNQyuQTUM7ACkAdvg8WoexQBiVGBKdO5CTBZXedNg5pB7l9PvonNQ0zs_7le2w32yzWgIAAABWUgAAAAtoAQcKAF5p74zQKZ740grp9Jt23IV56KhEcXgTy9Wd2CFBPVQy_WOxPDilPPhvIMidfrv8cFkAS4FV485oj6ZwjwN3B8ZVENfWoCxTI_BjvXgXC3EVJtt0b7K0s8dIVFtGVGBxmQK-NZBImMlAjubmqBLCkMczUoaVFDSr7IM9y24CxDwsuB3QH2qAgW7s2U6sPAWde8iJupYIaT1TmPiuHyZmSzXpxnV6D7mEKMWLRNu7qGsBdT5WOG577e7DGzeIt3hISpCv_CVo219qrWOhT-0XyS5gtksY2V4IReso4RrXm7Baa0lxQCMa0tkiK3O9t_6t3aVCCX8DLgDkPQr_8lniDBqW_w-53kQME9OO7opeGbGE2r1tZhhaBEZKDNO9M6JmJ54akPu-B-PA3BCZszy73gPHEvoneamT7tHGqUlfGaEmsMO5bmZ4BK65G9WeKKYymgCKjdvgFpCx9otJ5mItKEU8ZzYnCZpvPkXdp9opZHLgofHGREhXVjKj9iAXYhIGB0WPIyUq3H-fncwhKDb7Uq7eh8OwkOrvZ6qgBPZvYj_NkvmCiL0uneiIrhviAtTgnWC6k_4TURiSFfK4RE4F40VGHl9LlcHKGLc3gaR-0qPzex4MIB-He9Fd4XQZ8V_pWbWO2jbLMwGDt8DYI2I2w3ITwHXc7lRZGJFy6HHxjR1zmunCeyWMGT-W5SU10wnYqnTV0JNfYMixP9rBW_XQTdkJ66AIllx-QuYZBQSCsc8dFtvu7_gHW8lAARgvzObs9y6B166MrCf3F-kxpkAyukXDEtPVCZrEqQ36oI19E1mouJPiUdmlbUdBCDQIU3PKut65k5weNgJjOUDAkDvSgOKDxMLfw8r37CqVuuowp7sSZV-2H2gXEq7-EY1jbwNKZP2PXj6ef7ykno9oV5ADZKtSt4Q8DFGVfg768kZE-ERqLKr69THfiJTUOGCDAZO6bm9WQ4ywRnhCFVYsyIwLrLyInelwMowFR83Wz9z-1gMIeJRB73wnDT7BznZyWv1CuxIVZ9rRlAC-4BufGYoGuzDXfhmIwvFsPOeuFavQ-HAl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platopost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A04D 42 B
64 B 29ms
29ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFputZZdeEkPEX-SuHf59mywpPPX_dAFiUOcaTKns2rCJa1Y4aaLOBdNAkn-TvlXAqSWwb4uAJ9Drv3R0pdwpFl4sy4oWmw_PvNnmNAMrPsgvaaIMwaA&sai=AMfl-YQBoNZx1QoZAH9ThS0KxqjMY53RXzOuQVJHtDmRtuPXVXeT9vRET5rm4pQ6c_epq-UalRsQNObjfszk&sig=Cg0ArKJSzGeca0-ukzzXEAE&id=lidar2&mcvt=1000&p=130,436,220,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3850326021&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632463726117&rpt=1087&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Sep 2021 06:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.media.net/	1970-01-20 01:54:07	Name: gdpr_status Value: 1
.platopost.com/	1970-01-20 14:58:55	Name: _ga Value: GA1.2.205861954.1632463726
.platopost.com/	1970-01-19 21:29:10	Name: _gid Value: GA1.2.1801873788.1632463726
.platopost.com/	1970-01-19 21:27:43	Name: _gat Value: 1
platopost.com/	1970-01-19 21:27:45	Name: session_depth Value: platopost.com%3D1%7C684651032%3D1
.platopost.com/	1970-01-20 06:49:19	Name: __gads Value: ID=87563bad587e49f3-2228135248c9005c:T=1632463726:RT=1632463726:S=ALNI_Mb1K7jMMPQ3xUfYB94EpmWFgcS2uA
.doubleclick.net/	1970-01-19 21:27:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 06:49:19	Name: IDE Value: AHWqTUlVqxWxX-IUg5p3Fw3C5EZUfxh38JMoevg59AkAM77l00EUy_yM-coL8mRZDAk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://platopost.com/ Message: The resource https://platopost.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
contextual.media.net
d5jmkjjpb7yfg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lg3.media.net
mlfk0me9cpl4.i.optimole.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
platopost.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.platopost.com
www.shik.platopost.com
142.250.181.227
142.250.184.194
142.250.184.196
142.250.184.238
142.250.185.129
142.250.185.234
142.250.185.67
142.250.186.34
142.250.186.35
142.250.186.98
143.204.101.192
172.217.16.130
172.217.23.98
172.253.120.157
184.30.24.22
3.208.91.221
34.102.149.62
50.116.95.77
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
147678c10a2683dfe3e4bc2cc613a0f083e3a61e70e8cb08cc04f57a6c26cd9d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
24b7b020e923c6fbe78cc9856385a7ba026f3501b0a9cc54166f6acce89b313c
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
373026f153c82fe11205cdeb77a88b9902954b8d7b25687707aed67fa881239d
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
4a90d0866dec880a28084299c4e244736e91bba8eec3aecbeeb566e28a7d9c28
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d827e7f6486b62652f86df35c29b13bb2d05eddbbd80e2a5ba3c8c011b0802b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50440adad8084370bd4c9c2d41989284be961bbab1c2ec13a3be1875d62302e3
55a668216a280b19df0bef989175d024f42e33cb1ed711d8ae0a14f4b90cfc28
5745757593203cb3a222d3e3c37ed39c1b66d800222c4f9111fa2c9db2d54fdd
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
5b224ed5b43501d0f3d7dce3e76f70d10514a9e28b673e4396c667ae0977e16a
5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
6df13880e4c9f5bbbc14cd449cca8b447a13a9ac76498da81dd4c27b07ee69a7
729c0a46c996c71be8b262a10f2425dde9a5d454754eee706bb83214089c79d6
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a237010c84fcd29a161c3706a968376777e647af07145576befa4107e46717c
7c208f3451e4fa207036cce55be5c4cd3563386f3a864bbed1c07da1e5846ef8
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
848d1e7ae47aa43edac6c3478c07892338a6557da80e9d2841274226c16c09e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d12b955fc736e66f7261e5dbc0a7abbe8b633c96fc4851fd6b1b53fef051b82
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
a09669d16e5ce5f8d232e16733891c4a3918d7c78d6c88e8a392d18dd0917212
a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8
a1bb8c132ee1e4dc6b4d970f36be01513ceef56c746b191d43d04a4294d5150c
a2759e9632fdef7ecd7daa00e87ec1c8345a57be7425b87b649603382cdf007b
a2b52662dbb263094b4c1605aa4dae262141d13c36a061909f15ed4b3db73d78
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b2d4aa1461ca502afc069a97d87913f02e980241d7fd08e3bb1a44c664df6b3b
bac5cc9afa75eaaf5f1f9216e01be52b385c04cc178b9e690666b04bea4dbb92
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cbbedc4b6dd1d7413a821121014e09de6b1b4d9e30b0a5e4e447826f0ddafedb
cff8489093931cd63f94f31addecc0582b26d8628c3adb797e148a81cf8b27ec
d281b09745f8f16e0d457b034405c2badc853d0e66a8a2968d107a8067b65732
d5cf1c11b3db6768cffbf37eea20b58f111f576d68015bf81e035d2a42e6f49f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
db52439157b2bd75d5c0cf2a6954843cfae078309b613258e3d1fced4763f211
debec66396d52822e60c10199fb4912671baefa9c883d1384bad6249f306abad
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e0cec9b2940d313bcba9f626751d67949db71537a004a44454880783d496d8c9
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb586ed69c33c5d94c1a8cc20eabc1c40ab0f64f113ff0b2bfdc86c5649a28a3
eed064ee0a63bc3d81e4d2a6c1fc80a155d135d2dce25f0cf3196b55e9adedb0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47bb05e7d966c232b0ddd69a6b6374d25177676c3e2f0ad5253f9e29b1b3618
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
fa023c475d34f145800df65815557833824b8d8394804b1f3bfbd9906feef758
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

platopost.com Open in urlscan Pro 50.116.95.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

0 %IPv6

13 Domains

22 Subdomains

18 IPs

2 Countries

1963 kBTransfer

4878 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

platopost.com Open in urlscan Pro
50.116.95.77 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

18
IPs

2
Countries

1963 kB
Transfer

4878 kB
Size

8
Cookies

95 HTTP transactions
9 data transactions