playsposter.com Open in urlscan Pro
192.64.115.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://playsposter.com/ocs-mod-apk-2-1-2/
Submission: On February 04 via api (February 4th 2022, 4:12:18 pm UTC) from CZ — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 71 HTTP transactions. The main IP is 192.64.115.169, located in United States and belongs to NAMECHEAP-NET, US. The main domain is playsposter.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 20th 2021. Valid for: a year.

This is the only time playsposter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	192.64.115.169 192.64.115.169	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
71	14

23 192.64.115.169 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.ammon.nyc

playsposter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	playsposter.com playsposter.com	202 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	391 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	62 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680	108 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	49 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2822 pixel.wp.com — Cisco Umbrella Rank: 2494	3 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	647 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
71	12

	Domain	Requested by
23	playsposter.com	playsposter.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	playsposter.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.youtube.com	playsposter.com www.youtube.com
2	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	playsposter.com maxcdn.bootstrapcdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	playsposter.com
1	stats.wp.com	playsposter.com
1	fonts.googleapis.com	playsposter.com
1	stackpath.bootstrapcdn.com	playsposter.com
71	16

This site contains no links.

Subject Issuer	Validity	Valid
playsposter.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-20` - `2022-12-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://playsposter.com/ocs-mod-apk-2-1-2/
Frame ID: 6159988A4E1777A20DCA1509095FBD1C
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: DBAE5143FAFF39512DA6BC4CB150C6CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209
Frame ID: 2FEFFF0FA0D2AACCCC9C6A9D2C8E297B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4105326198&adf=1815592357&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133657&bpp=1&bdt=568&idt=213&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bRU2pSJPn9&p=https%3A//playsposter.com&dtd=216
Frame ID: 180486B2FF3EE47506F0438610DCBA8D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&adk=1812271804&adf=3025194257&lmt=1643991133&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133754&bpp=1&bdt=664&idt=120&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=126
Frame ID: C01EDB1F40C178969EFBC8F587D2BA17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B2FAF0C7092765C0F0ACD900CD48CAE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9BF6505F43A0D41971D377B61EEFCA76
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: FF72C4BB758FC6F5B65EDE8DEE06EAC0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js
Frame ID: F86BF64098FD805F9CBF6F7ED78B4D62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF06F94DFE814A8CC653CA541377DA43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37F64250519AE61A2B44BB69593C323B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OCS MOD APK 2.1.2 (Unlimited Money) Download

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

16
Subdomains

14
IPs

2
Countries

926 kB
Transfer

2219 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
playsposter.com/ocs-mod-apk-2-1-2/ 58 KB
13 KB 1438ms
896ms Document
text/html 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: cf6b341854d8aefcc002311e2b67380966b7548b533889e8dcb1a2f9a8a3bb7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 04 Feb 2022 16:12:12 GMT
Server: Apache
X-Pingback: https://playsposter.com/xmlrpc.php
Link: <https://playsposter.com/?p=7866>; rel=shortlink
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12753
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.min.css
playsposter.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 156ms
156ms Stylesheet
text/css 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 21:09:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4767

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 59ms
39ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css?ver=4.5.2

Requested by

Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 893770
cdn-cachedat: 08/03/2021 15:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 165ee2b5576565159994566c69952f82
cf-ray: 6d852de61b485c0e-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jetpack.css
playsposter.com/wp-content/plugins/jetpack/css/ 70 KB
13 KB 290ms
158ms Stylesheet
text/css 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.2.3
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Mar 2020 11:39:09 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12562

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 48ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 1216806
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 6d852de61ee65b6e-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 127ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500&ver=4.8.3

Requested by

Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7c61b1aaa0bcf11e5424186b2d412e79b9cf4c04337500693e1dae0fcd9fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 15:26:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Feb 2022 16:12:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Feb 2022 16:12:13 GMT

GET
H/1.1 200
OK flickity.min.css
playsposter.com/wp-content/themes/playposter-theme/assets/css/ 2 KB
900 B 311ms
154ms Stylesheet
text/css 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/css/flickity.min.css
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: f3eb4a50d5410a4f00a231eb0c437809c304a430986147306e2ee6bd8c05cf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 602

GET
H/1.1 200
OK resset.css
playsposter.com/wp-content/themes/playposter-theme/assets/css/ 57 KB
8 KB 448ms
158ms Stylesheet
text/css 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/css/resset.css
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 3c14ccf6a00377f45702108989a95492e238026b1623cc3af58f8e5fc8ae4dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8164

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 172ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

863bbad0c7c730171adebba7240dfd978d41771f8d2cf885a510dda2779f7535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52624
x-xss-protection: 0
server: cafe
etag: 13725370962978999506
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Feb 2022 16:12:13 GMT

GET
H/1.1 200
OK smush-lazy-load.min.js Show response
playsposter.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 333ms
156ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.4.2
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: acba7700c65a303259a6db3a27287db345e0f2ec3931e04e908e8351a2c28ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jan 2020 21:24:34 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3769

GET
H/1.1 200
OK jquery-3.2.0.min.js Show response
playsposter.com/wp-content/themes/playposter-theme/assets/js/ 85 KB
30 KB 345ms
166ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/js/jquery-3.2.0.min.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: c607ffd463124f60d8569dc49738df743dc304fac7ffa19477b4794ce0fd5486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30122

GET
H/1.1 200
OK html5lightbox.js Show response
playsposter.com/wp-content/themes/playposter-theme/assets/js/ 70 KB
17 KB 186ms
164ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/js/html5lightbox.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 5767c778dad811edc1a2db57df1339adce5a16d6b98f29edf81e8e7069e20635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16679

GET
H/1.1 200
OK flickity.pkgd.min.js Show response
playsposter.com/wp-content/themes/playposter-theme/assets/js/ 53 KB
14 KB 295ms
157ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/js/flickity.pkgd.min.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: b55a1ed4fd116490d2e818d9389fe286f8e5ddc5d6f2a3940efa1abcffcbc422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 13633

GET
H/1.1 200
OK functions.js Show response
playsposter.com/wp-content/themes/playposter-theme/assets/js/ 2 KB
889 B 162ms
159ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/js/functions.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: ab5d27ab77fee0db5088de21a3f632cbb2c2ffa2af2ac65b0fcb5eab3948b5ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 576

GET
H/1.1 200
OK comment-reply.js Show response
playsposter.com/wp-includes/js/ 10 KB
3 KB 335ms
156ms Script
application/javascript 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playsposter.com/wp-includes/js/comment-reply.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 16c307255900c6a9f126562128ced32f5794e545303a8d6f08e48b14e9f2267a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 21:09:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3183

GET
H2 200 e-202205.js Show response
stats.wp.com/ 9 KB
3 KB 21ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202205.js
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 22 Jan 2023 23:29:03 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK star2.jpg
playsposter.com/wp-content/themes/playposter-theme/assets/ 1 KB
1 KB 155ms
154ms Image
image/jpeg 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/star2.jpg
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: e0f2e934d64b74cd073cc8c02dab080c73a2e1bc4ce9aea9e4db79378a523101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1077

GET
H/1.1 200
OK star1.jpg
playsposter.com/wp-content/themes/playposter-theme/assets/ 1 KB
1 KB 154ms
154ms Image
image/jpeg 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/star1.jpg
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: efca83e79e13aa16514d1701ce07ee7329f4b012681a8ce892adf67abd5fdd31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Last-Modified: Fri, 12 Nov 2021 08:14:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1241

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 123ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500&ver=4.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://playsposter.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 267013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 14:02:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 134ms
48ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500&ver=4.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://playsposter.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 23050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:48:03 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 52ms
39ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://playsposter.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 589482
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fe9ec4bef90686e2d38d3d03c83a2c77
accept-ranges: bytes
cf-ray: 6d852de8fc556997-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK OCS-MOD-APK-2.1.2.png
playsposter.com/wp-content/uploads/2019/11/ 3 KB
3 KB 157ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/11/OCS-MOD-APK-2.1.2.png
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 5f1067d30610175ebdfc9f963dc2a1268708408fba8fd9f0cd05c663cc39cd06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:13 GMT
Last-Modified: Sat, 18 Jan 2020 00:51:42 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3278

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 284 KB
102 KB 107ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9642656946378048&plah=playsposter.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ffa9f23ee02365415c701c526e6f1a64038c6d6c463781545b67872e3b2df28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104642
x-xss-protection: 0
server: cafe
etag: 2733841373834629820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Feb 2022 16:12:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame DBAE 10 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:33:14 GMT
expires: Thu, 17 Feb 2022 16:33:14 GMT
cache-control: public, max-age=1209600
age: 85139
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.2.3&blog=172747868&post=7866&tz=0&srv=playsposter.com&host=playsposter.com&ref=&fcp=1956&rand=0.3171541027696849
Requested by: Host: playsposter.com
URL: https://playsposter.com/ocs-mod-apk-2-1-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Feb 2022 16:12:13 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 142ms
58ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: playsposter.com
URL: https://playsposter.com/wp-content/themes/playposter-theme/assets/js/html5lightbox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Fri, 04 Feb 2022 16:12:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 475ms
47ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=playsposter.com&callback=_gfp_s_&client=ca-pub-9642656946378048

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9642656946378048&plah=playsposter.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e448d76a59f5f01a90ef8af324ef9ed39bbb535bf97e87819fe4eca0c3e1671a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 134ms
51ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=playsposter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=playsposter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 16:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2FEF 72 KB
28 KB 783ms
783ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3e084e6285c81c29f81c07780c74c18583caa4c9f4f5bdd26acaf5e29911b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Feb 2022 16:12:14 GMT
server: cafe
content-length: 29021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 16:12:14 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1804 72 KB
29 KB 721ms
721ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4105326198&adf=1815592357&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133657&bpp=1&bdt=568&idt=213&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bRU2pSJPn9&p=https%3A//playsposter.com&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1e059602bb5ea93ab17c7324d864cb01c7eed419737435de565586c1ab28b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Feb 2022 16:12:14 GMT
server: cafe
content-length: 29207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 16:12:14 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C01E 0
19 B 108ms
108ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&adk=1812271804&adf=3025194257&lmt=1643991133&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133754&bpp=1&bdt=664&idt=120&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=126

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Feb 2022 16:12:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 16:12:13 GMT
cache-control: private

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/ 146 KB
47 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0cd11746/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 13:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48379
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Feb 2023 13:04:14 GMT

GET
H2 200 8388344238439240672
tpc.googlesyndication.com/daca_images/simgad/ Frame 1804 61 KB
61 KB 173ms
85ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8388344238439240672

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4105326198&adf=1815592357&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133657&bpp=1&bdt=568&idt=213&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bRU2pSJPn9&p=https%3A//playsposter.com&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6800338e5713694412dcf157f443c5e2feb78aa5f421ffc508b092b24b505f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 08:43:58 GMT
x-content-type-options: nosniff
age: 113296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62385
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 12:25:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 08:43:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 1804 19 KB
8 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:10:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1804 2 KB
1 KB 159ms
75ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:11:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1804 123 KB
38 KB 151ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 16:12:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1804 14 KB
6 KB 132ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:09:10 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1804 27 KB
11 KB 161ms
76ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bbd6260e02ee6f23658a48fe4c7dc340cb946930e7800ef48805b72eebfff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11460
x-xss-protection: 0
server: cafe
etag: 15029943231652217915
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:04:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1804 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxbvdXVD9YYDuNsiMjuwPqJqMiAHp2Y2dYo7YiJvgDPrMreqTDhABIPijyylgleKQgqAHoAHgodKZA8gBAqkCS4gboYdAsz6oAwHIA8kEqgTqAU_QO8pCp2Q_BtQfqzIvicYZNOPG7cqZuDU1gI9u27eDN5nROomKj0F0r72NoAQsKi9bdETRPbCNdAXee5YOEUH7s0pYIRrKfKz8-RZs12tmtjWkCFqKNvElzaEzs04KR5RQwFPvYZgQV_h6Tahp1bNINpG1g0GuGo1MwxC_FM0N6lsDSIJmwsOVJ077hbXjVOba6bgEaV-GWmlWdlJTGhGK-E16yugDk2jxx8SJ1uWx_ArSXliB1ZtK3VWB7UE_eJ5gdihZkX_jD7J0hsPurgQs3QcTtcltt8IK8XvVxvDk6Rhp5suj_j8v-MAEo8GS3bIDkgUECAQYAZIFBAgFGASgBgKAB4jerWaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC1gAXSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItOTY0MjY1Njk0NjM3ODA0OBgA&sigh=0Rwp3uNGhrg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4105326198&adf=1815592357&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133657&bpp=1&bdt=568&idt=213&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bRU2pSJPn9&p=https%3A//playsposter.com&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 04 Feb 2022 16:12:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Feb 2022 16:12:14 GMT

GET
H2 200 8388344238439240672
tpc.googlesyndication.com/daca_images/simgad/ Frame 2FEF 61 KB
61 KB 142ms
108ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8388344238439240672

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6800338e5713694412dcf157f443c5e2feb78aa5f421ffc508b092b24b505f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 08:43:58 GMT
x-content-type-options: nosniff
age: 113296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62385
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 12:25:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 08:43:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 2FEF 19 KB
8 KB 75ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:10:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 2FEF 2 KB
1 KB 176ms
147ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:11:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FEF 123 KB
37 KB 148ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 16:12:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 2FEF 14 KB
6 KB 101ms
71ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:09:10 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 2FEF 27 KB
11 KB 177ms
147ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bbd6260e02ee6f23658a48fe4c7dc340cb946930e7800ef48805b72eebfff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11460
x-xss-protection: 0
server: cafe
etag: 15029943231652217915
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 16:04:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FEF 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfaJxXVD9YamnNpOhrATI3oMQ6dmNnWKO2Iib4Az6zK3qkw4QASD4o8spYJXikIKgB6AB4KHSmQPIAQKpAkuIG6GHQLM-qAMByAPJBKoE5wFP0O5mBGIzIbAe7lWSI4DDiP7ki0SdUhJy1zeFa2OnaDFYK6AmrcodYm4_UEmkgs1NVFv8a_CHj_3iaPV-TAWkcrC6Hrgf34XLm_no01e98q_HIjEJuuu-hGShIAp64mw5nv5fMVOOiamMtCjl9rOvfdx2dMCZd7-jPWPoq9mksP6PjvfsOKSa3qJiQX41zKTMikSdWahQHNm8dInwxAHQHril7MfZT_H_YiOLNYM2GiBQyE7sQyX791GEOWwFS1qWHUajjVSs2u8bnmWUv9cvI9rSBKM2RHxGjmSt4KlESLq_xDou-SfABKPBkt2yA5IFBAgEGAGSBQQIBRgEoAYCgAeI3q1mqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQw9kG0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk2NDI2NTY5NDYzNzgwNDgYAA&sigh=HcHBv2HiHqg&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 04 Feb 2022 16:12:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Feb 2022 16:12:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B2F 143 B
163 B 37ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4105326198&adf=1815592357&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133657&bpp=1&bdt=568&idt=213&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1036765281210&frm=20&pv=1&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=1164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bRU2pSJPn9&p=https%3A//playsposter.com&dtd=216

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 04 Feb 2022 16:03:51 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BF6 143 B
163 B 36ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 04 Feb 2022 16:03:51 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B2F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

142ms
141ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Feb 2022 16:12:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 16:12:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Feb 2022 16:12:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

99ms
99ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Feb 2022 16:12:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Feb 2022 16:12:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Feb 2022 16:12:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1804 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff037b1858ca33397b54598564adaedb9af9d1dc3228065c0c19e6bb47c18c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2FEF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dbcce7c3b8bd61c7fd500dda9558f696dc0c89a84b79dc48fe92b41ce600ac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame FF72 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9642656946378048&output=html&h=250&slotname=7308585478&adk=4031192151&adf=2889573884&pi=t.ma~as.7308585478&w=300&lmt=1643991133&psa=0&format=300x250&url=https%3A%2F%2Fplaysposter.com%2Focs-mod-apk-2-1-2%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643991133654&bpp=2&bdt=565&idt=192&shv=r20220201&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=1036765281210&frm=20&pv=2&ga_vid=1216677050.1643991134&ga_sid=1643991134&ga_hid=978333163&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=486&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21065724&oid=2&pvsid=2111618283330465&pem=332&tmod=257431359&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PKoltf5fFO&p=https%3A//playsposter.com&dtd=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:44:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 102ms
55ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0acc1a9e9e5a08193ab20d1c2368f98c6dac812986372bc5d8506fe085d83182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Feb 2022 16:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9820
x-xss-protection: 0

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame F86B 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:44:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 143ms
94ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Feb 2022 16:12:15 GMT

GET
H/1.1 200
OK King-Soopers-MOD-APK-20.1-75x75.png
playsposter.com/wp-content/uploads/2019/12/ 1 KB
1 KB 157ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/12/King-Soopers-MOD-APK-20.1-75x75.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: a8218672ef26244ba584bb3a10fc8df151c7cc15d273edc701bc928ab465b3b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Sun, 09 Feb 2020 05:16:24 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1050

GET
H/1.1 200
OK Root-Explorer-MOD-APK-3.6.png
playsposter.com/wp-content/uploads/2020/01/ 5 KB
5 KB 161ms
159ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2020/01/Root-Explorer-MOD-APK-3.6.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 928c1bdc7445f07a37c8e10cb91185d58b4fd25c3c38550b8c7b5c54d77b9685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Sun, 26 Jan 2020 09:13:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5274

GET
H/1.1 200
OK MOD-APK-5.13.png
playsposter.com/wp-content/uploads/2020/02/ 15 KB
15 KB 158ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2020/02/MOD-APK-5.13.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 7cd3b3f8c0156477b392b32657ca52c13dad1ed04d8cdc883f3f701d0b60b9f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Sun, 09 Feb 2020 04:35:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15056

GET
H/1.1 200
OK Airchat-MOD-APK-0.38.png
playsposter.com/wp-content/uploads/2020/01/ 16 KB
17 KB 157ms
155ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2020/01/Airchat-MOD-APK-0.38.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 894b717b2fa970177d8d0465136cc351f443948fb0bffb3be443dde8e2b4f99c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Sun, 26 Jan 2020 12:27:39 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 16891

GET
H/1.1 200
OK ACE-Dating-Video-Chat-App-MOD-APK-1.9.1-75x75.png
playsposter.com/wp-content/uploads/2019/12/ 3 KB
3 KB 157ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/12/ACE-Dating-Video-Chat-App-MOD-APK-1.9.1-75x75.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 6e26641bd4d4595fca76ab29ed927a0ccd623dd01f59d98829bb05ee8d8be3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Fri, 17 Jan 2020 23:13:32 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3269

GET
H/1.1 200
OK Azan-Syria-Prayer-time-Syria-MOD-APK-1.2.7-75x75.png
playsposter.com/wp-content/uploads/2019/12/ 11 KB
11 KB 163ms
163ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/12/Azan-Syria-Prayer-time-Syria-MOD-APK-1.2.7-75x75.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 7bb7664aeec368cadad72c0c3bfce3ebbb23606c7632e6a0a80c536639b713d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Mon, 02 Dec 2019 19:22:28 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 10927

GET
H/1.1 200
OK DENT-Send-mobile-top-up-call-friends-MOD-APK-2.4.2-75x75.png
playsposter.com/wp-content/uploads/2019/12/ 5 KB
6 KB 156ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/12/DENT-Send-mobile-top-up-call-friends-MOD-APK-2.4.2-75x75.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 3ea0e718e5f5dcdcee3a13598eaa615d3cee099c76dea77b0cdff4c9b2cce533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Fri, 20 Dec 2019 22:56:44 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5553

GET
H/1.1 200
OK How-To-Draw-Drinks-MOD-APK-2.1-75x75.png
playsposter.com/wp-content/uploads/2019/12/ 15 KB
15 KB 157ms
156ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2019/12/How-To-Draw-Drinks-MOD-APK-2.1-75x75.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: 676999b19be56aa86958f6e4e78dcc700ba15697c5ff73e446678d5c6b65c6ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Mon, 23 Dec 2019 21:44:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 15382

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF06 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Feb 2022 15:17:42 GMT
expires: Sat, 04 Feb 2023 15:17:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 3273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 37F6 783 B
532 B 98ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05b1735216f917ef887458176526395f17b6ed863ac1994c859619975dfa3175

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1L/d1pSo5JraEvvdbfOulQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Feb 2022 16:12:15 GMT
date: Fri, 04 Feb 2022 16:12:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1L/d1pSo5JraEvvdbfOulQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame BF06 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 06:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 06:44:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 37F6 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=2111618283330465&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 200
OK USA-VPN-Free-VPN-Proxy-Wi-Fi-Security-MOD-APK-4.8t.png
playsposter.com/wp-content/uploads/2020/01/ 14 KB
14 KB 162ms
162ms Image
image/png 192.64.115.169
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playsposter.com/wp-content/uploads/2020/01/USA-VPN-Free-VPN-Proxy-Wi-Fi-Security-MOD-APK-4.8t.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.64.115.169 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.ammon.nyc
Software: Apache /
Resource Hash: bd972e69aa31cc94e52635f96f25e700e37392d5e99c9fce9cb99213a70d098c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/ocs-mod-apk-2-1-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 16:12:15 GMT
Last-Modified: Mon, 13 Jan 2020 18:36:00 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14595

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BF06 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6yQbZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:12:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FEF 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvaoyJj-Vgmw5Pygevv3oN5w7Vp1HLxI8ONrIBdaXe52FCpJM7zi-C6Lb4WLIxfN01AP0ybtQQ62Zlcj0EJnUTu8U_6ESdMzgYjWXfdizvjR444OfQgw&sai=AMfl-YSWefG3kpJ77xzZkqidYo7YQY61CjUDT3aYNIsuunVcYvJHrZHzj7EI1nGPHIv0ICKXFoRlb4ztTSCD&sig=Cg0ArKJSzHlMUFh39irbEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4031192151&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643991133865&rpt=1007&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 16:12:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220201&jk=2111618283330465&bg=!enmleT3NAAYZkRhwGZE7ACkAdvg8Wq-4blxR_eWVvrQ2lXz1cr5U9wxbnV5SORMx17kc_wX7asXuJwIAAABcUgAAAANoAQeZAsKM2p5dfEkm-mZG_Ng38UbrWvA8UzIX6Fi5Z1OyQgtZHP6eaU2zG--JOUjnvTMkbOsGUl9Jj_JB8Euc1rBjjNVHOqBg8GfErHtLUt-1OvRDIrRliU6x3Sm-3vy5UWYrGgmAXrFZbTehT1VC_dz1BYShRLEDckXXDk8TJIaPnoG8u_ehXiePL7oPVleBZlYLySn3Sc4VrfQ16JrlUMVEXyRdIm87wskwAMzKj4lE28gadBZHKfF_jMY4xOKatgP4OFL4Avt7_8IkwCztE3soPJz8_p7K0eic1sxEDHdEsVbqAEcRkEYrWPANa83JeuIarMDR4xmLyq-ap2X4WysAwTaDbnSPoDE8UA-iIw8q7aNvQhSPQPLJ8F0yNRWgFg9u3qQUXhWER-fbzJP5phST_yTVQSEb0T2cURtbquYKrV6Wf7nSaJhmd1pju2Rzm247N89wROqtCkZYilL1xRnpGfesVdJNHODmMefxFxarfrMbkohA_xKcWibgUcNE9E6sbxL7xwQkmrtGmqAJJXNsrUQuCb4siri-Trn6yd97qdbt5348PeT7C_yU266uxF7D82N36HMhr8NHDGTUpqrQlz_IBpGqKr3oHtNrdAtG4Rb8Tm5Qe5u5SzQ6u-btN4Z8vQnFV7zGjGvhqR2z7ntPJ0MqWqeFpvXGxHy4yXYkIJjEkEhR2CfI19L07Hn17Bgv68glTitgXylFz6-oK5JB0m4UkGU1ZQqC8dveloOl8dckqIzA6F5RTcQfEbZDKTJp8N5Pgl0Jc0q4SIpzbWPbEf-IAoJvRP8GMcC1AI3EptI8Bj1OaB8NCtwVIrlhuDvgRWtDpHU6lpHwUupviSVwLLJgSe29ThTv0ulxgqQGdw5gDyIId394NeD7SA9wdIqHSRMdV7niv1OTo4TH2ZRLxPsCyQs9WNMn-sdWq1MTugofOYLt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://playsposter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Feb 2022 16:12:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GbunLituh_Y
.youtube.com/	1970-01-20 04:59:03	Name: VISITOR_INFO1_LIVE Value: mjmLO6adh8M
.playsposter.com/	1970-01-20 10:01:27	Name: __gads Value: ID=2754cdac1c85d695-2226122a35cd005d:T=1643991134:RT=1643991134:S=ALNI_MaxL7kjBKXt7SOXcEFQl2gU6iQWTQ
.doubleclick.net/	1970-01-20 10:01:27	Name: IDE Value: AHWqTUl436M1iGRuzhtD17QFgIkJHIXUfvu8hwA49wdaBPqILMq-LZzYPnkjVNiLsyY
.doubleclick.net/	1970-01-20 00:39:54	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
playsposter.com
stackpath.bootstrapcdn.com
stats.wp.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.youtube.com
172.217.23.98
192.0.76.3
192.64.115.169
2606:4700::6812:bcf
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
05b1735216f917ef887458176526395f17b6ed863ac1994c859619975dfa3175
072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b
0acc1a9e9e5a08193ab20d1c2368f98c6dac812986372bc5d8506fe085d83182
0ffa9f23ee02365415c701c526e6f1a64038c6d6c463781545b67872e3b2df28
101df151aa008e88d6f4e497cc3558f63d2524f788e46e3e3a109a4620aff141
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16c307255900c6a9f126562128ced32f5794e545303a8d6f08e48b14e9f2267a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3c14ccf6a00377f45702108989a95492e238026b1623cc3af58f8e5fc8ae4dcc
3ea0e718e5f5dcdcee3a13598eaa615d3cee099c76dea77b0cdff4c9b2cce533
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5767c778dad811edc1a2db57df1339adce5a16d6b98f29edf81e8e7069e20635
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5f1067d30610175ebdfc9f963dc2a1268708408fba8fd9f0cd05c663cc39cd06
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
676999b19be56aa86958f6e4e78dcc700ba15697c5ff73e446678d5c6b65c6ec
6800338e5713694412dcf157f443c5e2feb78aa5f421ffc508b092b24b505f48
6e26641bd4d4595fca76ab29ed927a0ccd623dd01f59d98829bb05ee8d8be3db
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bb7664aeec368cadad72c0c3bfce3ebbb23606c7632e6a0a80c536639b713d0
7cd3b3f8c0156477b392b32657ca52c13dad1ed04d8cdc883f3f701d0b60b9f5
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8467a8357349298073591bd163beabc28e27331b03e6dc9bf7f9d2a66757bf7a
863bbad0c7c730171adebba7240dfd978d41771f8d2cf885a510dda2779f7535
894b717b2fa970177d8d0465136cc351f443948fb0bffb3be443dde8e2b4f99c
8dbcce7c3b8bd61c7fd500dda9558f696dc0c89a84b79dc48fe92b41ce600ac6
8ff037b1858ca33397b54598564adaedb9af9d1dc3228065c0c19e6bb47c18c6
928c1bdc7445f07a37c8e10cb91185d58b4fd25c3c38550b8c7b5c54d77b9685
9bbd6260e02ee6f23658a48fe4c7dc340cb946930e7800ef48805b72eebfff55
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a8218672ef26244ba584bb3a10fc8df151c7cc15d273edc701bc928ab465b3b6
ab3e084e6285c81c29f81c07780c74c18583caa4c9f4f5bdd26acaf5e29911b9
ab5d27ab77fee0db5088de21a3f632cbb2c2ffa2af2ac65b0fcb5eab3948b5ff
acba7700c65a303259a6db3a27287db345e0f2ec3931e04e908e8351a2c28ad1
b55a1ed4fd116490d2e818d9389fe286f8e5ddc5d6f2a3940efa1abcffcbc422
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd972e69aa31cc94e52635f96f25e700e37392d5e99c9fce9cb99213a70d098c
c1e059602bb5ea93ab17c7324d864cb01c7eed419737435de565586c1ab28b67
c607ffd463124f60d8569dc49738df743dc304fac7ffa19477b4794ce0fd5486
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf6b341854d8aefcc002311e2b67380966b7548b533889e8dcb1a2f9a8a3bb7a
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
e0f2e934d64b74cd073cc8c02dab080c73a2e1bc4ce9aea9e4db79378a523101
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448d76a59f5f01a90ef8af324ef9ed39bbb535bf97e87819fe4eca0c3e1671a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca83e79e13aa16514d1701ce07ee7329f4b012681a8ce892adf67abd5fdd31
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3eb4a50d5410a4f00a231eb0c437809c304a430986147306e2ee6bd8c05cf88
f7c61b1aaa0bcf11e5424186b2d412e79b9cf4c04337500693e1dae0fcd9fb5b
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

playsposter.com Open in urlscan Pro 192.64.115.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

77 %IPv6

12 Domains

16 Subdomains

14 IPs

2 Countries

926 kBTransfer

2219 kBSize

5 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

playsposter.com Open in urlscan Pro
192.64.115.169 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

16
Subdomains

14
IPs

2
Countries

926 kB
Transfer

2219 kB
Size

5
Cookies

71 HTTP transactions
3 data transactions