postureinfohub.com Open in urlscan Pro
18.159.80.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-2.postureinfohub.com/
Effective URL:
https://postureinfohub.com/
Submission: On April 23 via automatic, source certstream-suspicious (April 23rd 2022, 1:16:34 am UTC) — Scanned from DE

Summary HTTP 214 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 36 domains to perform 214 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is postureinfohub.com.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.

This is the only time postureinfohub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:3793	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
14	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3033::6815:3a2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:3600:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:5c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
3	18.192.242.35 18.192.242.35	16509 (AMAZON-02) (AMAZON-02)
1 3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	74.214.196.131 74.214.196.131	() ()
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
4	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	147.75.38.124 147.75.38.124	() ()
2	18.218.108.208 18.218.108.208	() ()
4	2a00:1450:400... 2a00:1450:4001:829::200a	() ()
5	2a00:1450:400... 2a00:1450:4001:828::2006	() ()
3 5	23.35.236.247 23.35.236.247	() ()
214	34

1 2606:4700:3031::6815:3793 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-2.postureinfohub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

postureinfohub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:3a2a (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3600:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.150 (Moscow, Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.242.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-242-35.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (None, )

ASN- ()

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.218.108.208 (None, )

ASN- ()

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (None, ) 3 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	postureinfohub.com 1 redirects cdn-2.postureinfohub.com postureinfohub.com	465 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads4.g.doubleclick.net	282 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127	328 KB
22	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2294 adservice.google.com — Cisco Umbrella Rank: 64 www.google.com — Cisco Umbrella Rank: 2	89 KB
9	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 3458 cd.connatix.com — Cisco Umbrella Rank: 3131 cds.connatix.com — Cisco Umbrella Rank: 3187 capi-tier-2-us-east-2.connatix.com img.connatix.com	268 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 imasdk.googleapis.com	748 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 9242	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	2mdn.net s0.2mdn.net	151 KB
5	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 6851	8 KB
4	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6142	668 B
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 226	16 KB
3	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 8855	1 KB
3	gstatic.com www.gstatic.com	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 775 s.tribalfusion.com — Cisco Umbrella Rank: 2340	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	73 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 892 pixel.quantserve.com — Cisco Umbrella Rank: 398	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	108 KB
1	a-mo.net 1 redirects prebid.a-mo.net	317 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4151	888 B
1	contextweb.com bid.contextweb.com	780 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 27908	439 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru — Cisco Umbrella Rank: 183626	381 B
1	sniperlog.ru 1 redirects sync3.sniperlog.ru — Cisco Umbrella Rank: 45436	676 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2389	550 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2793	173 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 773	421 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 833	430 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 8162	2 KB
1	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 7726	94 KB
0	lijit.com Failed ap.lijit.com Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	pubmatic.com Failed image6.pubmatic.com Failed
0	uuidksinc.net Failed s.uuidksinc.net Failed
0	bidswitch.net Failed x.bidswitch.net Failed
214	36

	Domain	Requested by
55	postureinfohub.com	postureinfohub.com
17	pagead2.googlesyndication.com	postureinfohub.com pagead2.googlesyndication.com tpc.googlesyndication.com bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com srcdoc googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	postureinfohub.com securepubads.g.doubleclick.net cd.connatix.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	cm.g.doubleclick.net	3 redirects bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com postureinfohub.com
7	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
7	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	s0.2mdn.net	imasdk.googleapis.com postureinfohub.com s0.2mdn.net
5	api.fouanalytics.com	postureinfohub.com api.fouanalytics.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	prebid.smilewanted.com	go.ezodn.com
4	fonts.googleapis.com	postureinfohub.com bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
3	cds.connatix.com	cd.connatix.com
3	ib.adnxs.com	1 redirects go.ezodn.com googleads.g.doubleclick.net
3	pb-server.ezoic.com	go.ezodn.com
3	www.gstatic.com	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
3	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
2	www.googletagservices.com	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
2	capi.connatix.com	postureinfohub.com cd.connatix.com
2	www.googletagmanager.com	postureinfohub.com www.googletagmanager.com
1	googleads4.g.doubleclick.net	postureinfohub.com
1	img.connatix.com
1	cd.connatix.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	hb-api.omnitagjs.com	go.ezodn.com
1	bid.contextweb.com	go.ezodn.com
1	ads.avads.net	1 redirects
1	google-sync.rutarget.ru	1 redirects
1	sync3.sniperlog.ru	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	tr.blismedia.com	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.quantserve.com	postureinfohub.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	postureinfohub.com
1	go.ezoic.net	postureinfohub.com
1	go.ezodn.com	postureinfohub.com
1	cdn-2.postureinfohub.com	1 redirects
0	ap.lijit.com Failed	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
0	sync.go.sonobi.com Failed	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
0	image6.pubmatic.com Failed	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
0	s.uuidksinc.net Failed	bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
0	x.bidswitch.net Failed
214	51

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.ezoic.com

Subject Issuer	Validity	Valid
postureinfohub.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-04-21` - `2022-07-20`	3 months	crt.sh
*.ezoic.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://postureinfohub.com/
Frame ID: B4B500A7FEE2CACB9327199825019697
Requests: 140 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 0AD2D3481B7D32E4BAAB9CC21AF87A7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&adk=1812271804&adf=3025194257&lmt=1650676588&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostureinfohub.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588560&bpp=2&bdt=185&idt=119&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7527079266809&frm=20&pv=2&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 779FBF9C27312BDA604BFDACF822FD23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&slotname=6150187837&adk=4113919573&adf=1590925058&pi=t.ma~as.6150187837&w=250&lmt=1650676588&psa=0&channel=2753472807&format=250x250&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588560&bpp=2&bdt=185&idt=274&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1067&ady=787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Cm%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U5BcZsFfEP&p=https%3A//postureinfohub.com&dtd=319
Frame ID: B76133C5DC8CE2D7011A5D42C073EB14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x280&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=2&bdt=617&idt=-M&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250&nras=2&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zHEq1KMP12&p=https%3A//postureinfohub.com&dtd=15
Frame ID: 4A703530C803ECFC0BC107D96DC25AF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x90&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=1&bdt=617&idt=-M&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250%2C1200x280&nras=3&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=U6XgI8GkkO&p=https%3A//postureinfohub.com&dtd=19
Frame ID: 9788889C20C8CD619F764CD41AC9284C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x90&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=1&bdt=617&idt=1&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250%2C1200x280%2C1200x90&nras=4&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gASoy15ETQ&p=https%3A//postureinfohub.com&dtd=22
Frame ID: 01D90B0D532F54FE9129D17B41A8A356
Requests: 1 HTTP requests in this frame

Frame: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2F7A247EA72C32B09BC47B693318BF8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D18F5E224CE27EA4E1C283A9EAA479A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF8E502BD78F88991CAA324FF100AACF
Requests: 2 HTTP requests in this frame

Frame: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F42DD37BAB584FB26AED342F29E76B63
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: AFBD38D1715DE9CD3017CEBF05632A90
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B85C0F9008E4744FBD1EAF4BAE0130A4
Requests: 8 HTTP requests in this frame

Frame: https://cds.connatix.com/p/159756/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: 37C48B0FC88CF12F4F1F26D43740E922
Requests: 7 HTTP requests in this frame

Frame: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9680A4912C61EFC8DBFBC09FAECA26CC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjHgujGATAB&v=APEucNVb_FZwHyqjkkJ96FjIrysl95X6sARWdbbfHxVEvFLooLkmPvlznKjLDDkOPohvKffGpueT9STOzNb4T8QbNv-niuJQaXsb-vjvn_cgCKZlRfMtCpdZR0jfpExUZZ-7auJ7QT-5jMHOIc7fYBYly4eobAH5ohXEGGouwAfIdP532_tXm7H_b690hu7ORzfP7P5m62BMzFM_VSFRUDFQKPn2phxC6g
Frame ID: 68B38B3AE5B3F1DA4F677A04678BFDAF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: D1C7696A9587EF6B0F42BC751DCAC9E0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 5C0226AAE5616C2D5185A68A56412B31
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: CA12F72EA4B3C19E91F2914F0FD4050C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 78970B445EDF55E84D88584C36B47B81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E9F022233EB5A745E3C9E0C8197F919F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1356733B66B5BCB8428459C02F7F4A19
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2
Frame ID: D082ACF74BF0B751D6C7D96CFBB59373
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BBAEE25C7947C39FA2F234ABBEB16C44
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1B69574CF4735D0E28E446B8FDDC7C04
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PostureInfoHub - Your posture information source.

Page URL History Show full URLs

https://cdn-2.postureinfohub.com/ HTTP 301
https://postureinfohub.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

214
Requests

89 %
HTTPS

56 %
IPv6

36
Domains

51
Subdomains

34
IPs

7
Countries

2681 kB
Transfer

7633 kB
Size

37
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-2.postureinfohub.com/ HTTP 301
https://postureinfohub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 127

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPnZloTaOsqABn3NbgJLPvg&google_cver=1&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmRtVyYvS3Q0e3yxADBE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmRtVyYvS3Q0e3yxADBE

Request Chain 128

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEDhGiAeTZVn9vAe_vOihgZM&google_cver=1&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbBZ2ybjQcX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbBZ2ybjQcX

Request Chain 129

https://google-sync.rutarget.ru/sync?google_gid=CAESEP6nen0noNC2TuAAFkXlnzs&google_cver=1&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hAK34LdA0UoVjxy2wUbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=RS1NbHU3MWVsQnQy&google_ula=2046794&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hAK34LdA0UoVjxy2wUbL

Request Chain 130

https://ads.avads.net/sync/ggl?google_gid=CAESEIku2PU0XAVgd09VpDsaXew&google_cver=1&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9QkbklPJ8AFaCV7dDg2khiE1hHrSeYKC-am HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZmE2ODcwMTItNDNhNS00YzI5LWIyNzctZDIzY2Y0ZjYxZDg5&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9QkbklPJ8AFaCV7dDg2khiE1hHrSeYKC-am

Request Chain 149

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=325392f6-04f8-420c-ab9f-f242548d81a4&us_privacy=1---

Request Chain 156

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/159756/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1&C=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmNTcpBpB4ub5NXChOI8mgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIo-dN5nO-Ql6kV7xH3Pz0k&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0NTA0OTg0OTEyNDAxMDY5NA%3D%3D

Request Chain 206

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJkAybs8O5iLQS4R9DNBkJc&google_cver=1&google_push=AYg5qPIHEXna4ngUVLvlGQPVhfWsBxC-XBJkb3DVlIE5ymODFpYmYa1fVjZE0KXnw-PhacJJVo3GUbUKb54NFQfYn7nFph88Wp4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJkAybs8O5iLQS4R9DNBkJc&google_cver=1&google_push=AYg5qPIHEXna4ngUVLvlGQPVhfWsBxC-XBJkb3DVlIE5ymODFpYmYa1fVjZE0KXnw-PhacJJVo3GUbUKb54NFQfYn7nFph88Wp4

Request Chain 211

https://onetag-sys.com/sync/i,19/?google_gid=CAESEPdveA-eO8z3cbMRgecDOz4&google_cver=1&google_push=AYg5qPJq3RYtSTa7D3eCU6MeCzIjD6ydl6lbocKbKoMNrEzpQfIDumXuNIF5AiyxqQRqVyIwHIu-KV5T0F6l6pRvx3nfjt9eKdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJq3RYtSTa7D3eCU6MeCzIjD6ydl6lbocKbKoMNrEzpQfIDumXuNIF5AiyxqQRqVyIwHIu-KV5T0F6l6pRvx3nfjt9eKdc

Request Chain 212

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPdveA-eO8z3cbMRgecDOz4&google_cver=1&google_push=AYg5qPKX24Zo-24h4jgmHoxQU3xl9X427RAJveKwWe5nm41JuAJZA9djpbAvQM2PDRIR8twrGXU5VkOMjKuvLtFrNPQBMdjHpacXHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKX24Zo-24h4jgmHoxQU3xl9X427RAJveKwWe5nm41JuAJZA9djpbAvQM2PDRIR8twrGXU5VkOMjKuvLtFrNPQBMdjHpacXHw

214 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
postureinfohub.com/
Redirect Chain

https://cdn-2.postureinfohub.com/
https://postureinfohub.com/

283 KB
76 KB

214ms
183ms

Document
text/html

18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 02915719f7242ed13cfa8a7368b77f15295a6472874bff52aff65c0970315df4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Apr 2022 01:16:28 UTC
display: pub_site_sol
expires: Fri, 22 Apr 2022 01:16:28 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://postureinfohub.com/wp-json/>; rel="https://api.w.org/"
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent
x-ez-minify-html: 4.61% 289327 / 303312
x-ezoic-cdn: Hit ds;mm;5d3798cb4f8c8ded8404fc41564bc57c;2-218032-15;99cbedb2-275d-4573-4103-bf0a68bae727
x-httpd: 1
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-proxy-cache: HIT
x-sol: pub_site

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7002c1028e9459a1-MXP
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 23 Apr 2022 01:16:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://postureinfohub.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGxqvCpUyoRlYhmHkEQ8z7ZmWZk%2BmsTQUW2BOv1aYLNn7CRGvHqi15wJCta4U%2BiOx2tLGEKY2%2BBWu8XYO35yKDolwaEQ21eqlOkXltseC01IQedffaGA9ABVVjTDS6aE5Re%2BhQwypTVXlow5sZP905HDuU9EG1g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-middleton-display: redirect

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 58ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae24abe473be4c55361dbca393444102cf3aba1b60bf855009f52f4fda2b07f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Origin: https://postureinfohub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54448
x-xss-protection: 0
server: cafe
etag: 13427519488146194403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 39ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28697
x-xss-protection: 0
server: sffe
etag: "1194 / 509 of 1000 / last-modified: 1650665358"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 325 KB
94 KB 121ms
46ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5067e4910e34cb5b10f21eabfde32ab7c6e8da1b7d84dc3add4b979b66ebc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 20:16:05 GMT
server: cloudflare
age: 2091623
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNZviSmXjgz2ds2mwFsQqcfeLdVcFUwr7jCyDfvlUU4w%2B79BfDRApiw%2BQdEV1CrHj8y%2BhycHxSGsdcqcoK%2BmVx68NufjsgUXDS0dsxwVzaXLMn7JDk8H8wdVsw62ssDUm7nfp4TDa9gyyAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7002c1060fcd59e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banger.js Show response
postureinfohub.com/porpoiseant/ 53 KB
12 KB 23ms
20ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/banger.js?cb=195-0&bv=110&v=58&PageSpeed=off
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: d41a99cfbb622d566268df5c305b01494dd30c20c75b0ff05aaaf67571d880c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 style.min.css
postureinfohub.com/wp-includes/css/dist/block-library/ 2 KB
688 B 40ms
39ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 847718d1cf7cb93d051b062093829dbfe4428c84e54b114b50d439f283f1b86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5439b4a6b6840d049643cdf7324db1c2;2-218032-15;98a23c12-8b72-4474-6a39-ced6545d505d
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 543
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"624e9b8e-145db-gzip"
x-ez-minify-css: 0.67% 1920 / 1933
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
postureinfohub.com/wp-content/plugins/table-of-contents-plus/ 707 B
535 B 20ms
19ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f8a9c03e1f92cc5821a36d3ec2a76dbd868f6fc10dac1d9fff3a64f159cf99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;57f1a9fc1f76a2804dea854763b8dbfd;2-218032-15;88b97621-3a32-4651-60b9-7de276cb795f
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 245
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"60fd0cd9-484-gzip"
x-ez-minify-css: 1.26% 707 / 716
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 wp-show-posts-min.css
postureinfohub.com/wp-content/plugins/wp-show-posts/css/ 2 KB
769 B 38ms
36ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e3958e7262adb6a91845204a9f4541f99b1e4ff43cc54d24324daf98ba53c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;ee155efcdb20bc6aae152e7e89bdeccd;2-218032-15;6a572b88-a6d0-454e-4ec9-6bf6618a1355
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 627
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f65747f-d9e-gzip"
x-ez-minify-css: 1.42% 2154 / 2185
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
postureinfohub.com/wp-content/themes/acabado-1/ 16 KB
4 KB 49ms
47ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/themes/acabado-1/style.css?ver=5.9.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 90e717aca5b7ac2b6eb566d3178db0baa199f25dd848fc7c9ac6992d67a281a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;088ce737523df892b3fd4514c69fae46;2-218032-15;e9881c40-20cf-4142-4e1e-c32060462915
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 3755
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657484-98ac-gzip"
x-ez-minify-css: 1.81% 16645 / 16952
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 front.css
postureinfohub.com/wp-content/plugins/related-posts-thumbnails/assets/css/ 918 B
487 B 48ms
47ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 02d0e2a1c3fa6ca74e7d804d9e83a2a668bf406c3f9a4074b025778d2d6cf6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5aebdc17750271d151a429922e160f81;2-218032-15;c8e96f80-f9fa-44b0-7995-81367dfd134c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 333
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"6079e9ca-ff2-gzip"
x-ez-minify-css: 3.37% 918 / 950
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style-min.css
postureinfohub.com/wp-content/plugins/gp-premium/blog/functions/css/ 439 B
332 B 66ms
65ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/blog/functions/css/style-min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8731237f3331dce1906ec72207570ecdda171bb3ed909d0e644f35fd70916e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;41b42e7d55d1f5efd21fe5d5b9fbf825;2-218032-15;38539452-35da-4a1b-7f2f-2277aa55600c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 189
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-1474-gzip"
x-ez-minify-css: 2.44% 439 / 450
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sticky.min.css
postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 75 B
350 B 50ms
49ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d14b3c60ddf5ba719cc80defbca97f207fbbefd3c57ca8636b9cb20a5562ffe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;a1efd1d950b35b237e877c455d8deaec;2-218032-15;0d5c3bca-ac4b-4b19-6195-fc96d50767ef
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 67
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-725-gzip"
x-ez-minify-css: 1.32% 75 / 76
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 navigation-branding.min.css
postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 712 B
358 B 66ms
65ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0d1a1920a63de28b1d2fc86fb4aa6b642fe47c856aedbb286dc48f321681864b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b54ac0cda5b1efb2436a48b0f82181ac;2-218032-15;3879d42f-bf4d-4967-5e8e-a101358d6914
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 217
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-c48-gzip"
x-ez-minify-css: 0.56% 712 / 716
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155296293-1

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19939ee45ae6d3a60bf3612c0c2b338f9be33a67a65f88ef03ff224af45eff80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39851
x-xss-protection: 0
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 Are-Tears-Bad-For-Skin-300x225.jpg
postureinfohub.com/wp-content/uploads/2022/03/ 6 KB
7 KB 30ms
27ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Are-Tears-Bad-For-Skin-300x225.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: c234c061413c6ed6f6a8db9344d5f47f196ffbb3f5c2a4d4a52e3ef55bd7a125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: 5bfb3a47-66e6-4611-a524-bce7cfbce0c4
x-ezoic-cdn: Hit ds;mm;042fb5ef075b9ff65cc51b9032dd999f;2-218032-15;5d3b3660-163c-4d29-5f01-b05f3f3aa626
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-624f7933-6960b4840682dfd46ac0e4a2;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: QO_gEHypIAMFWIg=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: gz8R5pTmWonS4CU6mMdmkYtHjBYR_B5M9b8uJ-gumENlfxfRijqqIw==

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 librefranklin-bold-webfont.woff
postureinfohub.com/wp-content/themes/acabado/font/ 40 KB
40 KB 18ms
17ms Font
font/woff 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/themes/acabado/font/librefranklin-bold-webfont.woff
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7fa71b1deeb52fcab7272afae24d64bc9f091c0aee76cbe4b6b94db394cb9f26

Request headers

Referer: https://postureinfohub.com/
Origin: https://postureinfohub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
etag: "6227898f-a044-gzip"
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;58ca0d5caa2414aa5f4ec993d7ff94d9;2-218032-15;86c8acec-1138-4c24-7d47-e9043b20dc82
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
x-origin-cache-control: max-age=31536000
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff
access-control-allow-origin: https://postureinfohub.com
cache-control: public, max-age=31536000

GET
H2 200 RobotoCondensed-Regular-webfont.woff
postureinfohub.com/wp-content/themes/acabado/font/ 21 KB
21 KB 36ms
35ms Font
font/woff 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/themes/acabado/font/RobotoCondensed-Regular-webfont.woff
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 168ebd89f3a9ffb66f609bdf01034cb2dd90af136676fde9193abb2ac0e517f4

Request headers

Referer: https://postureinfohub.com/
Origin: https://postureinfohub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
etag: "6227898f-522c-gzip"
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;ef5c0c02de8db2d92099ebf403951645;2-218032-15;8af7373d-09f4-4450-5bf5-4555a772a059
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
x-origin-cache-control: max-age=31536000
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff
access-control-allow-origin: https://postureinfohub.com
cache-control: public, max-age=31536000

GET
H2 200 ET-Bloom.woff
postureinfohub.com/wp-content/plugins/bloom/css/fonts/ 5 KB
3 KB 35ms
34ms Font
font/woff 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4d30b67217580f6bda6b6c7ad2467d1a28cb5f5aacee799071b8c08c403af3a2

Request headers

Referer: https://postureinfohub.com/
Origin: https://postureinfohub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
etag: "5f65747f-1200-gzip"
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;d842e69f34db390d51fa06836bb77d72;2-218032-15;11fa707c-3d1c-4aba-74cc-1d9283197326
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
content-length: 3102
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
x-origin-cache-control: max-age=31536000
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff
access-control-allow-origin: https://postureinfohub.com
cache-control: public, max-age=31536000

GET
H2 200 cookieconsent.min.js Show response
postureinfohub.com/ezoic/ 4 KB
2 KB 13ms
13ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/ezoic/cookieconsent.min.js
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "11a4-5dca13d216f40-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1707
expires: Sun, 23 Apr 2023 01:16:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=optional

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0504286aed51a5def1a80aa288095f148f620184744b3749eed5f34ac310598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 01:16:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 01:16:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 style.css
postureinfohub.com/wp-content/plugins/bloom/css/ 57 KB
6 KB 60ms
60ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/bloom/css/style.css?ver=1.2.19&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 47cdcd407305ca24a134b0920ed07569ec7c7c417e169ba9df291f0b7f6834d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;29b2cd0927b8762ac6545dbe4b1c6b52;2-218032-15;6008e65c-6e0a-4bf9-65da-a0c1e2bbe8e4
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f65747f-15df3-gzip"
x-ez-minify-css: 1.18% 58624 / 59323
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 app.min.js Show response
postureinfohub.com/wp-content/themes/acabado-1/js/ 4 KB
2 KB 29ms
28ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/themes/acabado-1/js/app.min.js?ver=1.0.10
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 08f33897d80b04fa8fea8f88fae97f11e39fd640af1591661c81f103868ca46a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;c299bedfa4834705154ee11ab6919cf6;2-218032-15;27eb4aba-a910-4d7d-665a-49991d4fa6f7
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1503
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657484-11de-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 4574 / 4574

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 458 B
943 B 302ms
213ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 849c7fcd2fb6a7f85ed1dca58cfc0f0de473c79c4a422a1e03de916d05cf8f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhD06S20VtMBFW5FyyJWH763dv%2Bqt50%2B848yigh9KoWAGwvNyo3spKaPr0qkhRNmWaahs2TPhNlLX1ftEHCMp03o%2FijMlhxbCjDDxvaprRq9%2BASN4QYWESXqT1QYkeSdQVubXc8YFKuRDuQtNofZqV%2BWTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7002c1065a628397-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 cmbv2.js Show response
postureinfohub.com/detroitchicago/ 88 KB
25 KB 30ms
29ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 7c15f7ee042c9838a02bd4c09c4536fdeeab8072137a9b6e64c3d1ecc79d8f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d9d28eb71a5da47c2e238d6249c1fef88e9429870d25d155ce882deeeb024d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 houston.js Show response
postureinfohub.com/detroitchicago/ 4 KB
1 KB 10ms
10ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/houston.js?gcb=0&cb=17
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1394

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 145ms
122ms Image
application/json 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=2e231d99-ed03-4d53-b6a9-0d8663387959&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 271ms
230ms Image
image/png 2600:9000:2156:3600:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3600:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 07:27:28 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-sol: middleton
age: 409740
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: itLYqGQZFk9N-PZusJVPLIskrkbTnPHHf0ET6sc_UFCuW-gSZxG7zQ==
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
display: staticcontent_sol
expires: Mon, 25 Apr 2022 07:27:27 GMT

GET
H2 200 search-icon.png
postureinfohub.com/wp-content/themes/acabado/img/ 2 KB
2 KB 66ms
65ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/themes/acabado/img/search-icon.png
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/wp-content/themes/acabado-1/style.css?ver=5.9.3&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 52c949d45ad0fa1015d43e96f5012e1c98a0dfba9958625e216b45ba21849209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/wp-content/themes/acabado-1/style.css?ver=5.9.3&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;a7508965e91d8d68574fae23c9569ce8;2-218032-15;98fb69a9-ce9a-42d1-68f1-0b28d6bef20b
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1947
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: "6227898f-908-gzip"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000

GET
H2 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 7ms
6ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Apr 2023 00:20:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
122 B 33ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

125736671ff4b7df323f501227745905212ce08772352db41a9ee2475a8399f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
DATA 200
OK truncated
/ 44 B
44 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 imp.gif Show response
postureinfohub.com/detroitchicago/ 43 B
180 B 10ms
10ms XHR
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C34%2C31%2C0%2C4%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A218032%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1114%2C1156%2C1158%2C1161%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2249477534-195e-4085-7b0b-60f74b918827%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A196672%2C%22response_time_orig%22%3A7%2C%22serverid%22%3A%2218.184.4.16%3A1604%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1114%2C1156%2C1158%2C1161%22%2C%22t_epoch%22%3A1650676588%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fpostureinfohub.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A406%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:30 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 22 Apr 2022 01:16:30 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 38ms
9ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 30 Apr 2022 01:16:28 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 style.min.css
postureinfohub.com/wp-includes/css/dist/block-library/ 2 KB
2 KB 30ms
27ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5439b4a6b6840d049643cdf7324db1c2;2-218032-15;98a23c12-8b72-4474-6a39-ced6545d505d
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 543
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"624e9b8e-145db-gzip"
x-ez-minify-css: 0.67% 1920 / 1933
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
postureinfohub.com/wp-content/plugins/table-of-contents-plus/ 707 B
707 B 28ms
24ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;57f1a9fc1f76a2804dea854763b8dbfd;2-218032-15;88b97621-3a32-4651-60b9-7de276cb795f
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 245
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"60fd0cd9-484-gzip"
x-ez-minify-css: 1.26% 707 / 716
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 wp-show-posts-min.css
postureinfohub.com/wp-content/plugins/wp-show-posts/css/ 2 KB
2 KB 29ms
26ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;ee155efcdb20bc6aae152e7e89bdeccd;2-218032-15;6a572b88-a6d0-454e-4ec9-6bf6618a1355
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 627
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f65747f-d9e-gzip"
x-ez-minify-css: 1.42% 2154 / 2185
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
postureinfohub.com/wp-content/themes/acabado-1/ 16 KB
16 KB 70ms
66ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/themes/acabado-1/style.css?ver=5.9.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;088ce737523df892b3fd4514c69fae46;2-218032-15;e9881c40-20cf-4142-4e1e-c32060462915
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 3755
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657484-98ac-gzip"
x-ez-minify-css: 1.81% 16645 / 16952
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 front.css
postureinfohub.com/wp-content/plugins/related-posts-thumbnails/assets/css/ 918 B
918 B 38ms
35ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/related-posts-thumbnails/assets/css/front.css?ver=1.9.0&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5aebdc17750271d151a429922e160f81;2-218032-15;c8e96f80-f9fa-44b0-7995-81367dfd134c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 333
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"6079e9ca-ff2-gzip"
x-ez-minify-css: 3.37% 918 / 950
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style-min.css
postureinfohub.com/wp-content/plugins/gp-premium/blog/functions/css/ 439 B
439 B 45ms
42ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/blog/functions/css/style-min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;41b42e7d55d1f5efd21fe5d5b9fbf825;2-218032-15;38539452-35da-4a1b-7f2f-2277aa55600c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 189
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-1474-gzip"
x-ez-minify-css: 2.44% 439 / 450
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sticky.min.css
postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 75 B
75 B 32ms
30ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;a1efd1d950b35b237e877c455d8deaec;2-218032-15;0d5c3bca-ac4b-4b19-6195-fc96d50767ef
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 67
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-725-gzip"
x-ez-minify-css: 1.32% 75 / 76
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 navigation-branding.min.css
postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 712 B
712 B 27ms
25ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=1.8.3&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b54ac0cda5b1efb2436a48b0f82181ac;2-218032-15;3879d42f-bf4d-4967-5e8e-a101358d6914
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 217
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-c48-gzip"
x-ez-minify-css: 0.56% 712 / 716
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
6 KB 18ms
16ms Image
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=optional

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 01:07:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 01:16:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 style.css
postureinfohub.com/wp-content/plugins/bloom/css/ 57 KB
57 KB 73ms
71ms Image
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/plugins/bloom/css/style.css?ver=1.2.19&ez_used_css_s=13
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;29b2cd0927b8762ac6545dbe4b1c6b52;2-218032-15;6008e65c-6e0a-4bf9-65da-a0c1e2bbe8e4
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-origin-cache-control: max-age=31536000
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f65747f-15df3-gzip"
x-ez-minify-css: 1.18% 58624 / 59323
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 cmbdv2.js Show response
postureinfohub.com/detroitchicago/ 49 KB
11 KB 18ms
17ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y37-23y5a-21y5e-20&cmbcb=48&sj=x03x0cx18x37x5ax5e
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 9ffd1008561e9126f578f470969fbe3cb0fec387992b79f1977f4daa0547fdfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/ 304 KB
108 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4916289523661847&plah=postureinfohub.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cac2b6e631ea1278d68a318d3c4a48d77699bcea2fe5f5422eb09e5b6a7df11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110978
x-xss-protection: 0
server: cafe
etag: 8200830252181525575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 0AD2 10 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 22:40:53 GMT
etag: 14837630671339829333
expires: Fri, 06 May 2022 22:40:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmash.js
postureinfohub.com/porpoiseant/ 24 KB
6 KB 10ms
10ms Other
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/nmash.js?v=110
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "6003-5dca13d216f40;5dca13d216f40-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 Can-You-Cry-Without-Tears-300x168.jpg
postureinfohub.com/wp-content/uploads/2022/03/ 5 KB
5 KB 33ms
32ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Can-You-Cry-Without-Tears-300x168.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 0920eba9e0817885e18e9d813525532e77dfafc04943af8a3ea37c813e9501b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: 0aa644e1-c7ef-444b-a742-bdbfd2aa40fa
x-ezoic-cdn: Hit ds;mm;20ad2defd136e31281f4db82bcd027d3;2-218032-15;3c65603e-0565-410c-6522-0a344078f4fa
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-624f7933-39221c441e2be3132b973f39;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: QO_gJH_soAMF1yQ=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: uOEfld7e_jSjNW3Xwkku9V1cTdYZFPAE3HCdrTcJ5m900-KAZdyNHA==

GET
H2 200 Can-You-Be-Allergic-To-Tears-300x300.jpg
postureinfohub.com/wp-content/uploads/2022/03/ 13 KB
13 KB 16ms
15ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Can-You-Be-Allergic-To-Tears-300x300.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f27af84a93dad4766e05cd00bef6813b0743dc348c693e5c27554c417f7a6a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: e26230f6-11b9-4e17-8fdc-fe4ee41756cf
x-ezoic-cdn: Hit ds;mm;e1c4cfd5d28404a3873eafb1d4cf18e9;2-218032-15;8d4d0b69-f534-415f-7e13-7be37bd15766
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-624f7933-5eac8818301509583e03db74;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: QO_gHEwBoAMFdsQ=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: iTmUXPaScCYdlysmGuT3EqVYOTQGBgiIA-KO1RTCwhZzXcQ3IS2d_w==

GET
H2 200 Can-You-Eat-Frankincense-Tears-1-177x300.jpg
postureinfohub.com/wp-content/uploads/2022/03/ 7 KB
7 KB 23ms
22ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Can-You-Eat-Frankincense-Tears-1-177x300.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 1cfddb71fe3ddaec9a44e9688d4484499217fce341a8e244ae5128cc7f1d90d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: 8c116f1e-1b41-4a1c-9c14-3b8904973929
x-ezoic-cdn: Hit ds;mm;142f0b118018539d04e538a5b2c379cf;2-218032-15;4361cb50-f5b4-450e-57a3-b0ccaed7e514
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-624f7934-3721f575321601bc50bb3f67;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: QO_gLE3boAMFZQA=
response: 200
server: Apache/2.4.39 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: M8Byb5sj_vTGXwufY4AxyPAMY8SEdQ_hv9NzW2zWVLJ44EGmIoc2XA==

GET
H2 200 Why-Do-My-Tears-Burn-Like-Acid-300x300.gif
postureinfohub.com/wp-content/uploads/2022/03/ 76 KB
75 KB 97ms
97ms Image
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Why-Do-My-Tears-Burn-Like-Acid-300x300.gif
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6f2d4d11b1c4aab7786a7e7b1dfbf038e28f4afa170e99cb6138a131136b7d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;e578f80b8b8333ce771ef77cf7c1de04;2-218032-15;502fe313-8c5b-4dff-69db-2a5ef0d7d07a
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: "6239483e-1300e-gzip"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
content-type: image/gif
cache-control: public, max-age=31536000

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
430 B 64ms
17ms Script
application/javascript 2600:9000:2156:5c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 02:45:27 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
age: 81062
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: bHokpWjc4hY9ZIKhNnQYOW0DcSNFqY-qam5vD9-JbvzNIZi8RmpgTQ==

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
133 B 8ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTY3Njk0ODMzMzY3ODI0MiIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExNTgsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiI0NCJ9XSwiaXNfb3JpZyI6MH1d
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:27 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:27 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
64 B 11ms
10ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTY3Njk0ODMzMzY3ODI0MiIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExNTgsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoiYWRzZW5zZXR5cGUiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjowfV0=
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:30 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:30 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 ca-pub-4916289523661847 Show response
fundingchoicesmessages.google.com/i/ 91 KB
32 KB 65ms
38ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4916289523661847?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4916289523661847&plah=postureinfohub.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75722c04583ae0f35608e61329e69348677705838dde9289b4bbda495e6d31b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+R9xuA8UUAP3rU9GzUFcKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-+R9xuA8UUAP3rU9GzUFcKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-+R9xuA8UUAP3rU9GzUFcKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-+R9xuA8UUAP3rU9GzUFcKw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 23 Apr 2022 01:16:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E15G21MEWF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155296293-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

612b2d62aa0a911b94aebf2dec4c6bfad52cc444fc0eeea3fa41832dc1e1df75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69931
x-xss-protection: 0
expires: Sat, 23 Apr 2022 01:16:28 GMT

GET
H2 200 pixel;r=133231424;labels=Domain.postureinfohub_com%2CDomainId.218032;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fpostureinfohub.com%2F;uht=2;fpan=1;fpa=P0-1291458293-1650676588750;pbc=;ns=0;ce=1;qjs=1...
pixel.quantserve.com/ 35 B
371 B 19ms
10ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=133231424;labels=Domain.postureinfohub_com%2CDomainId.218032;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fpostureinfohub.com%2F;uht=2;fpan=1;fpa=P0-1291458293-1650676588750;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=postureinfohub.com;je=0;sr=1600x1200x24;dst=0;et=1650676588750;tzo=0;ogl=title.PostureInfoHub%2Cdescription.Your%20posture%20information%20source%252E%2Ctype.website%2Curl.https%3A%2F%2Fpostureinfohub%252Ecom%2F%2Csite_name.PostureInfoHub

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 345ms
44ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5d23f0dc92f851fcd7ca54b20b6de36d56a0104ff9681959e781d328e985aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Apr 2022 06:58:46 GMT
server: cloudflare
age: 593
etag: W/"625d0c26-3acd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH%2B0a%2Fg02BuBqB5TUC3Dqj2EBbP8NFlTzmilj0Z4QKNMEE3fB7N00INrfOn3aIIoNRtsW2ZqO%2FcNJqirwZ934Wx7FS%2BA6WvHGlBk8OurhnoJs5hMmeHFbR9CUVyPM0MmOZcAxU6gu333r9292NqrxlJ11Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7002c109be608397-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Why-Do-Tears-Burn-My-Face-1-300x200.jpg
postureinfohub.com/wp-content/uploads/2022/03/ 4 KB
4 KB 48ms
47ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postureinfohub.com/wp-content/uploads/2022/03/Why-Do-Tears-Burn-My-Face-1-300x200.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 2b7cd21726525c284e26d898f1bf3fb19cf28256608c1da91ca231463f3a0f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 UTC
content-encoding: br
display: staticcontent_sol
x-amzn-requestid: 476bf301-56ec-4ad8-a3af-cda68ba7fc3b
x-ezoic-cdn: Hit ds;mm;7b12339b06d52984a419a1c9fa3213b1;2-218032-15;d6327e85-422f-4eea-477b-21653e265c29
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-624f7937-0ecd638f669c69616e330fd9;Sampled=0
x-middleton-response: 200
x-amz-apigw-id: QO_goEDjoAMFubw=
content-length: 3748
response: 200
server: Apache/2.4.39 (Ubuntu)
x-origin-cache-control
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: MqS1cWhlVFycycga96ktKVoLDr7D1JTjARxSTXw9CanMm3Rw6jWMAQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 36ms
14ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-E15G21MEWF&gtm=2oe4k0&_p=1812489242&_z=ccd.NbB&cid=1728887753.1650676589&ul=en-us&sr=1600x1200&_s=1&sid=1650676588&sct=1&seg=0&dl=https%3A%2F%2Fpostureinfohub.com%2F&dt=PostureInfoHub%20-%20Your%20posture%20information%20source.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E15G21MEWF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155296293-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3557
date: Sat, 23 Apr 2022 00:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 23 Apr 2022 02:17:11 GMT

POST
H3 204 AGSKWxVpHkEXmpaF-3GY9Y0BEIBgO6_PwfK39ECXcTW7DQXBZPwz-wN8Nw8g8U4SeBeBGzshLpYM7RXVzsS_RZqSrWE= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
23ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpHkEXmpaF-3GY9Y0BEIBgO6_PwfK39ECXcTW7DQXBZPwz-wN8Nw8g8U4SeBeBGzshLpYM7RXVzsS_RZqSrWE=?pvid=498BC1D6-9D59-41C8-892A-6B14DF898673&anonid=C88AF551-975B-403A-9C9D-58A0B22E403B

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.AQaE9o5XtuY.es5.O/d=1/rs=AJlcJMyOV23XGvWmuisJCRaEBvjM4x2MLg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nLQMkEpI+axYpSpw6lnaRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nLQMkEpI+axYpSpw6lnaRg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nLQMkEpI+axYpSpw6lnaRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nLQMkEpI+axYpSpw6lnaRg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
421 B 15ms
14ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=postureinfohub.com&callback=_gfp_s_&client=ca-pub-4916289523661847

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

dd0e6b4f944ff475fcb9d920e9a9539d0441b252cb1a3c09895791130f0d7cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 91ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpostureinfohub.com%2F&tn=DIV&id=ezmobfooter&cls=ezmob-footer%20ezoic-floating-bottom%20ezo_ad%20ezmob-footer-desktop&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 779F 18 KB
5 KB 82ms
67ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&adk=1812271804&adf=3025194257&lmt=1650676588&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostureinfohub.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588560&bpp=2&bdt=185&idt=119&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7527079266809&frm=20&pv=2&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac0fc2b68d8fd9930ce6e2d781b7e76dd2c2d59cf94b00891c0d3026920487e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5188
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:28 GMT
expires: Sat, 23 Apr 2022 01:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B761 436 B
235 B 90ms
81ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&slotname=6150187837&adk=4113919573&adf=1590925058&pi=t.ma~as.6150187837&w=250&lmt=1650676588&psa=0&channel=2753472807&format=250x250&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588560&bpp=2&bdt=185&idt=274&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1067&ady=787&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=mM%7Cm%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U5BcZsFfEP&p=https%3A//postureinfohub.com&dtd=319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b600e7a9de4cffca6d4ea20e5b47a23f2762eaa3b6265138c96782426d4fe303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:28 GMT
expires: Sat, 23 Apr 2022 01:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXNlG9UdruH59d2RwDatec5zGC77JZOviXCxR_P2cex0JowWloYfarbzc9wyk281chlrlvfxqSZe0Vn4XMec_A= Show response
fundingchoicesmessages.google.com/f/ 44 KB
17 KB 59ms
41ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXNlG9UdruH59d2RwDatec5zGC77JZOviXCxR_P2cex0JowWloYfarbzc9wyk281chlrlvfxqSZe0Vn4XMec_A=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwNjc2NTg4LDg4NzAwMDAwMF0sIjQ5OEJDMUQ2LTlENTktNDFDOC04OTJBLTZCMTRERjg5ODY3MyIsIkM4OEFGNTUxLTk3NUItNDAzQS05QzlELTU4QTBCMjJFNDAzQiIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vcG9zdHVyZWluZm9odWIuY29tLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f059aaed513b7ed93a1d3d01c5231fd32d06c939129fd3ddcc3d2efa57b590b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8l8bfOF5ggDcljzL1C1txQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8l8bfOF5ggDcljzL1C1txQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8l8bfOF5ggDcljzL1C1txQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-8l8bfOF5ggDcljzL1C1txQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1812489242&t=pageview&_s=1&dl=https%3A%2F%2Fpostureinfohub.com%2F&ul=en-us&de=UTF-8&dt=PostureInfoHub%20-%20Your%20posture%20information%20source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1347705614&gjid=775928576&cid=1728887753.1650676589&tid=UA-155296293-1&_gid=184884041.1650676589&_r=1&gtm=2ou4k0&did=dZTNiMT&gdid=dZTNiMT&z=1795574826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWMABMqMpnHMIQflsduKJQUYtRcngFga1lFFZ41gMRAFFQJHk4lb3UWx4ul6wTOekqvRgV7HOuyr0JQo_bE8pddsMPs-bua1KepudDr9w1d3lTrjieRPGMOcqpJn-Bp_tgFTFs7l5POgeVps8G2wH-SMJoMz34tVPVfDkuRNPzAY42GtKhQpSH4SQ6b Show response
fundingchoicesmessages.google.com/el/ 0
29 B 19ms
19ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMABMqMpnHMIQflsduKJQUYtRcngFga1lFFZ41gMRAFFQJHk4lb3UWx4ul6wTOekqvRgV7HOuyr0JQo_bE8pddsMPs-bua1KepudDr9w1d3lTrjieRPGMOcqpJn-Bp_tgFTFs7l5POgeVps8G2wH-SMJoMz34tVPVfDkuRNPzAY42GtKhQpSH4SQ6b

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.2ynnQySk_B8.es5.O/d=1/rs=AJlcJMy0zpINWf-i7MyjMwYOTOKmQx4m7g/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R5Kr36BDpQOzzqKVkBvFgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R5Kr36BDpQOzzqKVkBvFgQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R5Kr36BDpQOzzqKVkBvFgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R5Kr36BDpQOzzqKVkBvFgQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUdFWv_iSrM_CR0jYnQHJQbjyvGB-CLZhRpXZ29YkMCNOcBfShceC2Zb2Y4XTPhchgwMU2_UaD1LY39y_8-HfYn-L8xew8DtfMduS_oTwCIkz1SlRNTO2ejLdFhLvKdVYgSgb-_xSW4b2JJDGrzGUjvXzBTv3-DoaKFYEimxxdTE0F1Nh4bLyUqQE6r Show response
fundingchoicesmessages.google.com/f/ 63 KB
23 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUdFWv_iSrM_CR0jYnQHJQbjyvGB-CLZhRpXZ29YkMCNOcBfShceC2Zb2Y4XTPhchgwMU2_UaD1LY39y_8-HfYn-L8xew8DtfMduS_oTwCIkz1SlRNTO2ejLdFhLvKdVYgSgb-_xSW4b2JJDGrzGUjvXzBTv3-DoaKFYEimxxdTE0F1Nh4bLyUqQE6r?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwNjc2NTg4LDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL3Bvc3R1cmVpbmZvaHViLmNvbS8iLG51bGwsW11d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bf6c652267a140913fbd4ef79e3943f129c5d26dd38fcec8de9664b4180c96d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BmsYgT6FBysWU4GYmXnDBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-BmsYgT6FBysWU4GYmXnDBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-BmsYgT6FBysWU4GYmXnDBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-BmsYgT6FBysWU4GYmXnDBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A70 436 B
236 B 111ms
111ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.1372487962~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x280&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=2&bdt=617&idt=-M&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250&nras=2&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zHEq1KMP12&p=https%3A//postureinfohub.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c648ea5194eb437aaa123f7c1aed2a6096cef35dd8c70f0284c16f363ab54ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sat, 23 Apr 2022 01:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9788 436 B
236 B 113ms
113ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=90&adk=3130937508&adf=226233620&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x90&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=1&bdt=617&idt=-M&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250%2C1200x280&nras=3&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=U6XgI8GkkO&p=https%3A//postureinfohub.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb89ff207f3df982fda2c609ef71fe7adb48165eb406d482c9210974811d8b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sat, 23 Apr 2022 01:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01D9 436 B
235 B 105ms
104ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1650676589&rafmt=1&to=qs&pwprc=9112160430&psa=0&format=1200x90&url=https%3A%2F%2Fpostureinfohub.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650676588992&bpp=1&bdt=617&idt=1&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&prev_fmts=0x0%2C250x250%2C1200x280%2C1200x90&nras=4&correlator=7527079266809&frm=20&pv=1&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=2044522174654308&pem=1&tmod=1882633855&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gASoy15ETQ&p=https%3A//postureinfohub.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3eab7425840b3ed6c456fb94bb88cd0c7ce69a908b29c303dcbe89ffb53c836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sat, 23 Apr 2022 01:16:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 897 B
275 B 567ms
566ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=4477229190048532&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-box-1%2Cpostureinfohub_com-banner-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=250x250%2C320x50%7C250x250%7C320x100%7C120x240%7C200x200%7C180x150%7C336x280%7C300x250%7C234x60%7C320x50%7C125x125&fluid=0%2Cheight&ifi=6&adks=3513116733%2C3380762877&sfv=1-0-38&ecs=20220423&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D1099241015697677%26eid%3D1099241015697677%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1156%26sap%3D1156%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpostureinfohub_com-box-1-1099241015697677%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26asau%3D6150187837%26bv%3D12%26bvm%3D0%26bvr%3D2%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D180%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%7Ca%3D%257C1%257C%26iid1%3D900992943744399%26eid%3D900992943744399%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1161%26sap%3D1161%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpostureinfohub_com-banner-2-900992943744399%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26br1%3D180%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765&eri=1&sc=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&abxe=1&dt=1650676589054&lmt=1650676589&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=1109%2C1067&adys=244%2C1125&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=332x-1%7C332x-1&msz=250x-1%7C332x-1&fws=4%2C516&ohw=1600%2C1600&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

4ad64a2b0dfb4643a375069469ef6c8c4f7d65944d94aa7d6f83ec1331d6a011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2F7 6 KB
4 KB 65ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sun, 23 Apr 2023 01:16:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ad.gif
api.fouanalytics.com/s/ 43 B
400 B 343ms
42ms Image
image/gif 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.fouanalytics.com/s/ad.gif
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Apr 2022 06:58:45 GMT
server: cloudflare
age: 591
etag: "625d0c25-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl%2FaemoZ3fjYTdI0bAlpUr9EiMRB1gNni6baB6zsi0OC5nigg4eOzmE9s8vK0HIP%2FmuECVaid3F2xUphp1mN97pK9kPKf4KOyo4OedEkoe3%2B5K468Udfj2j0v2RnKerIeSVU6naAzyQ%2FnSWrsZ9%2BiHz7nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7002c10cb9b98397-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 455 B
262 B 312ms
311ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=3822884379407341&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=8&adks=3506309094&sfv=1-0-38&ecs=20220423&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7376814837707077%26eid%3D7376814837707077%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpostureinfohub_com-medrectangle-2-7376814837707077%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26asau%3D6150187837%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D200%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765&eri=1&sc=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&abxe=1&dt=1650676589235&lmt=1650676589&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=315&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

7dd5e00e8359ee3c69493eb0693c1fb8756bb0e70fc8ab62a1fd77d5c992c4eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 x Show response
api.fouanalytics.com/api/ 0
521 B 279ms
210ms XHR
text/plain 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?FxVn68aCGEs3YleK$dXJsJDAkaHR0cHM6Ly9wb3N0dXJlaW5mb2h1Yi5jb20vIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDEkMSIsImFwcENvZGVOYW1lJDEkTW96aWxsYSIsImFwcE5hbWUkMSROZXRzY2FwZSIsImFwcFZlcnNpb24kMSQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMC4wLjQ4OTYuMTI3IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRldmljZU1lbW9yeSQxJDgiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDQiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwibmF2aWdhdG9yLWhhc2gkNSQyNGExMTA1MiIsIm5hdmlnYXRvci10aW1lJDUkMy41Iiwic2VuZEJlYWNvbiQ1JDEiLCJmb250cmVuZGVyJDQyJDEiLCJ0aW1lJDQyJDE2NTA2NzY1ODkxOTYiLCJ0aW1lem9uZSQ0MiQwIiwicGx1Z2lucy10aW1lJDQyJDAiLCJwbHVnaW5zJDQyJGI2ZDA1NTU4IiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ0MiQyMy4xIiwibWVtLXVzZWRKU0hlYXBTaXplJDQyJDE5LjMiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDQzJDM3NjAiLCJ0aW1lLWZldGNoU3RhcnQkNDMkMzMxIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ0MyQzMzEiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ0MyQzMzkiLCJ0aW1lLWNvbm5lY3RTdGFydCQ0MyQzMzkiLCJ0aW1lLWNvbm5lY3RFbmQkNDMkMzYxIiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkNDMkMzQ2IiwidGltZS1yZXF1ZXN0U3RhcnQkNDMkMzYxIiwidGltZS1yZXNwb25zZVN0YXJ0JDQzJDU0NCIsInRpbWUtcmVzcG9uc2VFbmQkNDMkNTc1IiwidGltZS1kb21Mb2FkaW5nJDQzJDU0NyIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNDMkNjcwIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ0MyQ2NzAiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ0MyQ2NzAiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkNDMkMCIsIm5hdmlnYXRpb24tdHlwZSQ0MyRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ1MSQwLjMiLCJnbG9iYWxzJDUxJDc0MDNmZDg2IiwiZG9jdW1lbnQtdGltZSQ1OSQyIiwiZG9jdW1lbnQkNjAkOTAyZDBiYzMiLCJjb25uZWN0aW9uJDYwJCIsImRvd25saW5rTWF4JDYwJCIsImdldFVzZXJNZWRpYSQ2MCQyIiwicGFnZS1mcmFtZS1jb3VudCQ2MSQxMSIsInBhZ2UtZnJhbWUtbGlzdCQ2MSQyNTB4MjUwI2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCAxMjAweDI4MCNnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQgMTIwMHg5MCNnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQgMHgwI2JmNWRkZmMwMDAwZDc2OWRkNzM0MmVhZGEzOTZjMzA5LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20gMHgwI2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCAweDAjIDB4MCMgMHgwIyAweDAjIDEyMDB4OTAjZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0IDB4MCNnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQiLCJwYWdlLWhhc2gtdGltZSQ2NSQ0LjMiLCJwYWdlLWhhc2gkNjUkYTM3ZWE2Y2IiLCJmb250JDc2JDEwMDAwMDAiLCJzdHlsZS1oYXNoJDc2JDM0ZDc2YTMyIiwic3R5bGUtdGltZSQ3NiQwLjUiLCJhdWRpby1jb2RlYyQ3NiQyMjIxMiIsInZpZGVvLWNvZGVjJDc3JDIyMjAwMCIsImNsb2NrJDkzJDU1NjkiLCJzb3J0JDEwNCQxMC43Iiwic3RhY2skMTA1JDEzOTgzIiwic3RhY2stZXJyb3IkMTA2JFJhbmdlRXJyb3I6IE1heGltdW0gY2FsbCBzdGFjayBzaXplIGV4Y2VlZGVkIiwic3RhY2stdGltZSQxMDYkMS42Iiwid2ViZ2wkMTEwJDEiLCJ3ZWJnbDIkMTEwJDEiLCJ3ZWJnbC12ZW5kb3IkMTEwJEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQxMTAkSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIiwid2ViZ2wtZXh0ZW5zaW9ucyQxMTAkYzUzODIwZmUiLCJ3ZWJnbC10aW1lJDExMCQ0LjUiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDExMiRwcm9tcHQiLCJiYXR0ZXJ5JDExMyQxIDEgMCBJbmZpbml0eSIsImF1ZGlvY29udGV4dCQxMTYkZjdlNzEyZDkiLCJhdWRpb2NvbnRleHQtdGltZSQxMTYkMjcuNCIsImludGVyc2VjdGlvbi1zaXplJDExNyQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kMTE3JDQ4IiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDExOSRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxMTkkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDExOSRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxMTkkcHJvbXB0IiwiZnJhbWVyYXRlJDE4OCQ3MA~~
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQyn7iPbZJnaoAgcW979Il5iu6M13yJQuD2MCi63zVNGTQtU6yPTxYA2mCKOYjnSm5FzCucCj7blyCCg2sOdNBx5P6RsJDrvUbsg1EX1mH1U7YHgQNN%2BjjG1v93MwtJoae1iC5OXEZw2MZ1i%2FE%2B4nsjzFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7002c10cbe9e375b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
33 KB 525ms
525ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=3501372739167208&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&adks=2170752990&sfv=1-0-38&ecs=20220423&ists=1&fas=8&fsapi=false&prev_scp=ga%3D2497208%26tap%3Dpostureinfohub_com-pixel1-8577832379742550%26ezoic%3D1%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26ap%3D9999%26iid1%3D8577832379742550%26bra%3Dmod1&eri=1&sc=1&cookie=ID%3De38dec53f7156b61-224ba04b7fcd0077%3AT%3D1650676588%3ART%3D1650676588%3AS%3DALNI_MZ21cPHmGEb9jkzKy6t6ofR-hK91A&abxe=1&dt=1650676589495&lmt=1650676589&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

7a05542d728b360ce8f1e0491d01030c5809ae2f2b8a133c28bd63eaf71a21c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33332
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ 35 KB
13 KB 7ms
6ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022041801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

294d469e73c0d495bf74e979c340d8c18a45d4b2bc8de4a651a495c0e0b3fd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13271
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 10:32:56 GMT

GET
H2 200 greenoaks.gif Show response
postureinfohub.com/detroitchicago/ 0
64 B 8ms
7ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDQtMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInRfZXBvY2giOjE2NTA2NzY1ODgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInRfZXBvY2giOjE2NTA2NzY1ODgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMTU5In1dfV0=
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:28 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:28 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 dark-bottom.css
postureinfohub.com/ezoic/styles/ 3 KB
850 B 10ms
10ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/ezoic/styles/dark-bottom.css
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: br
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "bd7-5dca13d216f40-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 725

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 35ms
20ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

073d13119d19ef3bed0baa15848269e79ef9448660aab4d8913c782c596d6fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10626
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:16:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D18F 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 23:14:55 GMT
expires: Sat, 22 Apr 2023 23:14:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF8E 783 B
1 KB 37ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d92bd906f0bd475afa7747a41c21b11fde8beb27d8c475f5db0335dd1d4f3d30

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FRaVieD6UMeWba/BsDJ3HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-FRaVieD6UMeWba/BsDJ3HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sat, 23 Apr 2022 01:16:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame D18F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 23:14:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF8E 0
0 200ms
199ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220420&jk=2044522174654308&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

POST
H3 200 x
api.fouanalytics.com/api/ 0
523 B 256ms
199ms Ping
text/plain 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?FxVn68aCGEs3YleK$YWRibG9jayQ0MjEkMA~~
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxsP6qy0VGK7NO6bf5zLBnkaJltcPuFt9zcdLw4c8muZ2xoZxjTZsQCDG5beaK%2BgV2cxgazsk2Oj2xFi%2BXGahfV%2FKAUxAEjrxWB1AYdyxmThFxugm5LJawgbORvwEnkmVLynTWuInmYxhNUk2zY%2FZyK5Og%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7002c10e3cff3755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 slideinad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVIKHYPEViCUDEyzgHuHMBwZQRavlK3CsQ4gIyHMaXEvf79D15vGYUvc4QySyOTUVC1Ui4SSzoijzKMd1Im0Y3Lx-kEEcHhTLBk5p2ZD2Hie2HF-_RHNHH5QCMFeAojYfZ6Zrp1saN6rGSqudAasuk9J5cxz... 54 B
108 B 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVIKHYPEViCUDEyzgHuHMBwZQRavlK3CsQ4gIyHMaXEvf79D15vGYUvc4QySyOTUVC1Ui4SSzoijzKMd1Im0Y3Lx-kEEcHhTLBk5p2ZD2Hie2HF-_RHNHH5QCMFeAojYfZ6Zrp1saN6rGSqudAasuk9J5cxz2s084Ty_QenAAU68pPCLfvYclSN4ec4j0YhSm8FZrp6hBiUDh3buj_SfCdb3eEuLQV8ciWFTEOewBKkeBo=/_/yahoo_overture./as3overstreamplatformadapter./300x250ad._id/ads//slideinad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b58745444487eb62b6b6f51e9554512fd70002b581320a1651fe669f88dab66f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2CJ4TaHVKXFPSZ/ZZCpA1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2CJ4TaHVKXFPSZ/ZZCpA1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-2CJ4TaHVKXFPSZ/ZZCpA1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2CJ4TaHVKXFPSZ/ZZCpA1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Sat, 23 Apr 2022 01:16:29 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
93 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 15:21:45 GMT

POST
H3 204 AGSKWxVVmuKuEuWi0na03iLxDhuvcFRqS_evcSo2_Tj2OzEHp6tU6LoCWTXZDVQUch0muIECGlr40vffbaCMqz7gKzADokgxiJgbaZuCA9TEttVtL5sntf6JYCzIyRGWygJZPd5o0Ie0QwwopdejBv9S3AD2ONzaO9B9X1u1dPcA_cNC5c_0BpbmZ48A38H3 Show response
fundingchoicesmessages.google.com/el/ 0
29 B 20ms
20ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVVmuKuEuWi0na03iLxDhuvcFRqS_evcSo2_Tj2OzEHp6tU6LoCWTXZDVQUch0muIECGlr40vffbaCMqz7gKzADokgxiJgbaZuCA9TEttVtL5sntf6JYCzIyRGWygJZPd5o0Ie0QwwopdejBv9S3AD2ONzaO9B9X1u1dPcA_cNC5c_0BpbmZ48A38H3

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VoofFeKz08UlcIhttpjh/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VoofFeKz08UlcIhttpjh/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-VoofFeKz08UlcIhttpjh/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VoofFeKz08UlcIhttpjh/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVmuKuEuWi0na03iLxDhuvcFRqS_evcSo2_Tj2OzEHp6tU6LoCWTXZDVQUch0muIECGlr40vffbaCMqz7gKzADokgxiJgbaZuCA9TEttVtL5sntf6JYCzIyRGWygJZPd5o0Ie0QwwopdejBv9S3AD2ONzaO9B9X1u1dPcA_cNC5c_0BpbmZ48A38H3 Show response
fundingchoicesmessages.google.com/el/ 0
28 B 53ms
53ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9eJbDHJq8S3CXKu+eG9/NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9eJbDHJq8S3CXKu+eG9/NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-9eJbDHJq8S3CXKu+eG9/NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9eJbDHJq8S3CXKu+eG9/NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D18F 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sb-xXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 AGSKWxVVmuKuEuWi0na03iLxDhuvcFRqS_evcSo2_Tj2OzEHp6tU6LoCWTXZDVQUch0muIECGlr40vffbaCMqz7gKzADokgxiJgbaZuCA9TEttVtL5sntf6JYCzIyRGWygJZPd5o0Ie0QwwopdejBv9S3AD2ONzaO9B9X1u1dPcA_cNC5c_0BpbmZ48A38H3 Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EKA0kd2RqaVwdGFN0mKUMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EKA0kd2RqaVwdGFN0mKUMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-EKA0kd2RqaVwdGFN0mKUMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EKA0kd2RqaVwdGFN0mKUMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWARIp1wXoDiDBxoOlkQMHJ-YFJRQsXjuEUJv8OifQgpil3wN3CvMJ7hPVANVxf3VwNn7XHkTyOi4T-_T83Zu4Xzc9zNMRddNgYwZi80t5EjsSD5U4MbppJC9x8X7V3w_bFri8fF3NPAANBnUFGzCx6BKTjeWvpPNTo6QFXpQlIkKpSAfs5e031UWhL Show response
fundingchoicesmessages.google.com/f/ 39 KB
15 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWARIp1wXoDiDBxoOlkQMHJ-YFJRQsXjuEUJv8OifQgpil3wN3CvMJ7hPVANVxf3VwNn7XHkTyOi4T-_T83Zu4Xzc9zNMRddNgYwZi80t5EjsSD5U4MbppJC9x8X7V3w_bFri8fF3NPAANBnUFGzCx6BKTjeWvpPNTo6QFXpQlIkKpSAfs5e031UWhL?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUwNjc2NTg5LDgxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vcG9zdHVyZWluZm9odWIuY29tLyIsbnVsbCxbXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97bf5749190f524898f4ba631cf8f8ed7ff90c2a05c02e032ca554b0ae03345f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FxvdODXD8eV2PTSiWSEEzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FxvdODXD8eV2PTSiWSEEzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-FxvdODXD8eV2PTSiWSEEzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FxvdODXD8eV2PTSiWSEEzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVVmuKuEuWi0na03iLxDhuvcFRqS_evcSo2_Tj2OzEHp6tU6LoCWTXZDVQUch0muIECGlr40vffbaCMqz7gKzADokgxiJgbaZuCA9TEttVtL5sntf6JYCzIyRGWygJZPd5o0Ie0QwwopdejBv9S3AD2ONzaO9B9X1u1dPcA_cNC5c_0BpbmZ48A38H3 Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
56ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lJSEkbsatms.es5.O/d=1/rs=AJlcJMyPIKOX0oVuUaEh_MjWOpg2B0V0eg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y44yRhLHSOdfiGhyNfYDeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y44yRhLHSOdfiGhyNfYDeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y44yRhLHSOdfiGhyNfYDeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y44yRhLHSOdfiGhyNfYDeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXW6G_Jp2snHHd2bzo_QseeOgx904_5V8vdnVhk9yC-tMR-V2h8BR_FezvYpqCQ22dhCGeEsVrOI-aPyRSkDJF-852ck3vw-lNpqXp_hXMPn03sf7K2AeqWzZ9r0aEcBUq13Y4bhzG2ZajzXaaep1s6k9WOcUR5uLThhWOhMMPybiPerFtHPAR6OX2I Show response
fundingchoicesmessages.google.com/el/ 0
29 B 20ms
20ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXW6G_Jp2snHHd2bzo_QseeOgx904_5V8vdnVhk9yC-tMR-V2h8BR_FezvYpqCQ22dhCGeEsVrOI-aPyRSkDJF-852ck3vw-lNpqXp_hXMPn03sf7K2AeqWzZ9r0aEcBUq13Y4bhzG2ZajzXaaep1s6k9WOcUR5uLThhWOhMMPybiPerFtHPAR6OX2I

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.OTLk2v7F8YA.es5.O/d=1/rs=AJlcJMzJWA10wfOO19LSzBhBC8efgWq_-g/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w7bUREqrN3+i+4TOCmMyhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w7bUREqrN3+i+4TOCmMyhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:29 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://postureinfohub.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-w7bUREqrN3+i+4TOCmMyhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-w7bUREqrN3+i+4TOCmMyhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F42D 6 KB
3 KB 26ms
11ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sun, 23 Apr 2023 01:16:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 greenoaks.gif Show response
postureinfohub.com/detroitchicago/ 0
41 B 9ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInRfZXBvY2giOjE2NTA2NzY1ODgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjM2MSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNTQ1In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIzMSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI5NSJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6Ijk1In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjExNzIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI2ODEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjY4MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInRfZXBvY2giOjE2NTA2NzY1ODgsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19XQ==
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:29 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:29 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 greenoaks.gif Show response
postureinfohub.com/detroitchicago/ 0
18 B 9ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInRfZXBvY2giOjE2NTA2NzY1ODgsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE2NTUifV19XQ==
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:27 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:27 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
18 B 8ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODU3NzgzMjM3OTc0MjU1MCIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJwb3N0dXJlaW5mb2h1Yl9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYXVjdGlvbl9lcG9jaCI6MTY1MDY3NjU5MCwiYWRfcG9zaXRpb24iOjk5OTksImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJiaWRfZmxvb3JfaW5pdGlhbCI6bnVsbCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOm51bGwsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU0NywibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:29 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:29 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H3 200 css2
fonts.googleapis.com/ Frame F42D 4 KB
634 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 23:52:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 01:16:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 01:16:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AFBD 6 KB
670 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 01:07:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 23 Apr 2022 01:16:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Apr 2022 01:16:30 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AFBD 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 00:19:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame AFBD 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 00:04:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AFBD 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 00:51:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFBD 119 KB
37 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:16:30 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AFBD 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 01:00:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AFBD 0
0 32ms
16ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR48-Kk2ZF7zgNWoCmcJoQCitjAicSjDTgMwm7hMeuRlkhfKtwI7zvALrki_wmOpuz99IhrC9e5JrVFwAF-LANfrg2pQg
Requested by: Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame AFBD 30 KB
13 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:06:22 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame F42D 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 01:05:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F42D 205 B
518 B 38ms
8ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:28:10 GMT
x-content-type-options: nosniff
age: 2900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Apr 2023 00:28:10 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F42D 604 B
694 B 39ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:48:44 GMT
x-content-type-options: nosniff
age: 5266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Apr 2023 23:48:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B85C 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 23 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B85C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8...

43 B
411 B

209ms
191ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7002c1171f3b01db-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7002c1115c1e01db-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPFs2hheJv_SsGkyxApkav0&google_cver=1&google_push=AYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKP8Z_23L-0jT5FWJSHmVSl8ojlOn2PBMBJCqzD6g-cZrWJxZu0_GFd1I150G3GThSYEP8_scFYXmRypkNBrAo0r-o0Ih8X%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B85C 0
173 B 36ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECcMmAinNggfgeTYuDkG-YM&google_cver=1&google_push=AYg5qPJPHU7HLS_nrYZap85QWLTbcEY6OITvNNln-FxW5lLixyc2CdToqIolo-oaSgGs6FWnrmPIJuWeFrx6BC_tC9C02TUitgM7
Requested by: Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B85C
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPnZloTaOsqABn3NbgJLPvg&google_cver=1&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmR...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmRtVyYvS3Q0e3yxADBE

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmRtVyYvS3Q0e3yxADBE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPLeEoeEAnhU1eYbhgIgSy55-jtMwkMD44_CZDPu9aEBrmxjLJOGY9RFekrJXEOdgf-D5MOsBP3TOmRtVyYvS3Q0e3yxADBE
Date: Sat, 23 Apr 2022 01:16:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B85C
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEDhGiAeTZVn9vAe_vOihgZM&google_cver=1&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbB...
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbBZ2ybjQcX

170 B
188 B

41ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbBZ2ybjQcX

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 23 Apr 2022 01:16:30 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPILYmWytvcwMwGT_OrvvQNNxLdffVK2pTUcUZOS4JZQPswvCoq-Blm1u-SgyXIsX79O7JC608wG_lSHY_GdoWbBZ2ybjQcX
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B85C
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEP6nen0noNC2TuAAFkXlnzs&google_cver=1&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hAK34LdA0UoVjxy...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=RS1NbHU3MWVsQnQy&google_ula=2046794&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hA...

170 B
188 B

106ms
105ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=RS1NbHU3MWVsQnQy&google_ula=2046794&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hAK34LdA0UoVjxy2wUbL

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=RS1NbHU3MWVsQnQy&google_ula=2046794&google_push=AYg5qPIXppWcZb3r65_-OkO2TOLg-_zWawtl8BP80Iy7-3m1T0wHFM_-V77opxBzqJSZzWDK5F-t8jv9hAK34LdA0UoVjxy2wUbL
date: Sat, 23 Apr 2022 01:16:30 GMT
server: nginx
content-length: 0
p3p: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B85C
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEIku2PU0XAVgd09VpDsaXew&google_cver=1&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9QkbklPJ8AFaCV7dDg2khiE1hHrSeYKC-am
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZmE2ODcwMTItNDNhNS00YzI5LWIyNzctZDIzY2Y0ZjYxZDg5&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9Qkbkl...

170 B
188 B

34ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZmE2ODcwMTItNDNhNS00YzI5LWIyNzctZDIzY2Y0ZjYxZDg5&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9QkbklPJ8AFaCV7dDg2khiE1hHrSeYKC-am

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZmE2ODcwMTItNDNhNS00YzI5LWIyNzctZDIzY2Y0ZjYxZDg5&google_push=AYg5qPK-UgaEQkn5BKG3K6P11W4ISm_Ezl9aZW1NEoZ_OC68Kd92LAYPRv0CPC8uV9QkbklPJ8AFaCV7dDg2khiE1hHrSeYKC-am
date: Sat, 23 Apr 2022 01:16:29 GMT
x-envoy-upstream-service-time: 6
server: istio-envoy
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B85C 0
223 B 39ms
17ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KG1UyxjXmtE-2FJndX5v4R414kSZOLje05XaQ8VgJyo5WM3WfyEhclkNl-RAyCbcI

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220420&jk=2044522174654308&bg=!PzylPHjNAAYXWUUuN1k7ACkAdvg8WlBR2OJD3uudPVUruLM9jTWCPbIKitLxlADAJ2BTjsWVKD5TsAIAAABZUgAAAAJoAQcKAFcdOXc4SfIVGir8vuLvfmYxHjS9JlaxkaeTMrEXTERWkaVCb8eM41H3OXznk6q3ReNghYDh2Bz9cIdm5PrIrKJbDyfnfFA_a9SXnedPmvjoYvJldPYOxLiZAq-B0D9KKhwSh7bP9kg-3K58LxfB8_slOuc4CiLNghmWtmVJU2Nq6Khl4qi6RzKiCGtdK94PDsKXl9yG_P9fjCWB9CLiyP8nZHghnBSQ2dpRoL0IZ99QisNWWDfx2gihIpeNvtYF_Zp5uwkFz21U7U6lg-eD_uOJi9bD0MbMuSkFV7dX1THtjNFZoGcfYi8QV-U2uOSzXGDc1uuLjohG8r1iDndcoeqfQBUZOC6G6DNTJClm4oKyOkUtQdisfPXtDif0vpbSEw_cmfy-BBtwcwi1jXiEwsKUBWuJr6RZZgc1xTodfwEbVSYWe3etKurEcXpAzBnHkpDG-2j6A0sKQnqywxrUg-gYtK18ld0Dlu5dOuheZ2N8wEKiVfXYWpTuLim_j2E9g_xW7wVACzeibwzGrxdNpKa_b7Oy_4pp57uG-VizBXDhTeoClR7zz3Cx7cmzU7p-zqT6ud6id_lOhMz_o3IZi6-d-ulf1BT_nmVHBRAdF6kcUzqMuBEX4qd335lOFWYsyIp3yHkKRuYp_bE1za6ZgAxIen2VaJL8f87wOEA_hVIzx-R9OcpGT0mbS0PwA69gJZbmvdP_Qgncbq5EqvugeuDRzA0GjOfHvlCTD81uHfDMjeYwzeWuNPW1Nq6oSH9IPSIubvMcnuQ60vM5oG_4HPyOp58rR6RLE1lcGAmk0HuZJcyaA-fG5lL-sAxR_6AwWDfuYjbzD88D4TZOCum_K_mNgkr93pTx5TWgITta57FboBZoyq0QyCv8-VJBxI66UG0eBRMCnrYKb_K-fDC98J5GHPqepappBEwleli5ELirFy8vVtJiydDZLaQ0PSUsIJKv3mF5JnIXpNONk2IS6p5xlmZfRjS9II9TWuyfMcSdL0lUrTQNl1c10gq82g-_lE5O49jj_Slsvjo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
18 B 8ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3NzgzMjM3OTc0MjU1MCIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJwb3N0dXJlaW5mb2h1Yl9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MDAsMTIwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg1Nzc4MzIzNzk3NDI1NTAiLCJkb21haW5faWQiOiIyMTgwMzIiLCJ1bml0IjoicG9zdHVyZWluZm9odWJfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NTA2NzY1ODgsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3NzgzMjM3OTc0MjU1MCIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJwb3N0dXJlaW5mb2h1Yl9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:29 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:29 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

POST
H2 200 lcpel.go Show response
postureinfohub.com/cheetah/ 0
84 B 9ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/cheetah/lcpel.go
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:31 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://postureinfohub.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Fri, 22 Apr 2022 01:16:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 348 B
180 B 355ms
354ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=2608048949036089&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=10&adks=3506309094&sfv=1-0-38&ecs=20220423&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7376814837707077%26eid%3D7376814837707077%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpostureinfohub_com-medrectangle-2-7376814837707077%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26asau%3D6150187837%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D100%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C17%2C2351%2C2610%2C2761%26lb%3D200%26reqt%3D1650676592122&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676592129&lmt=1650676592&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=315&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

97fffd10ae09fcb84da570665efdc630991743dc2eb0e1c49d4f4b105bc2d68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 343 B
171 B 295ms
295ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=3145440853605926&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C320x100%7C120x240%7C200x200%7C180x150%7C336x280%7C300x250%7C234x60%7C320x50%7C125x125&fluid=height&ifi=11&adks=3380762877&sfv=1-0-38&ecs=20220423&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D900992943744399%26eid%3D900992943744399%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1161%26sap%3D1161%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpostureinfohub_com-banner-2-900992943744399%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26br1%3D90%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C17%2C19%2C2351%2C2610%2C2688%26lb%3D180%26reqt%3D1650676592114&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676592136&lmt=1650676592&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=1067&adys=1125&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=332x-1&msz=332x-1&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

f12dcfcf6470c60d1f46bc73a50e4561eaf4302d1ebbbf48e7af51f80801e6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 340 B
168 B 289ms
289ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=2387232547593326&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=12&adks=3513116733&sfv=1-0-38&ecs=20220423&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D1099241015697677%26eid%3D1099241015697677%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1156%26sap%3D1156%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpostureinfohub_com-box-1-1099241015697677%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26asau%3D6150187837%26bv%3D12%26bvm%3D0%26bvr%3D2%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D90%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C17%2C19%2C2351%2C2610%2C2688%26lb%3D180%26reqt%3D1650676592119&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676592140&lmt=1650676592&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=1109&adys=244&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=332x-1&msz=250x-1&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

cd34e05bb1f519e7ac782586ff5edae2f8f3d5b30b483d63a7a5f42c5188c0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 275 B
498 B 33ms
8ms XHR
application/json 18.192.242.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 73d8828126ae3435ffef589ef431c970da716ddfd04f6fc3bcdbbf0d1f54b4f0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:33 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 275
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 150 B
361 B 234ms
211ms XHR
application/json 18.192.242.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a9a97835a1defab41dd69558db397bb1d5d90a77f75917c9308582caeb88a97e

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:33 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
14 KB 122ms
92ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e456c05c302391cdfda9f2fbbc85d5bcb083fd1a60e1ed85d4a5e6581420f745

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 23 Apr 2022 01:16:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 17357431-3475-4893-9c1f-63ca79ff029e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://postureinfohub.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
780 B 619ms
297ms XHR
text/plain 74.214.196.131

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.contextweb.com/header/ortb?src=prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 -, , ASN (),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://postureinfohub.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
server: Jetty(9.4.14.v20181114)
cw-server: bid-deployment-7b4979948f-hw295
strict-transport-security: max-age=15768000
cwdl: 22/148,22/148,22/148,22/148

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 536 B
888 B 142ms
99ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpostureinfohub.com%2F&CanonicalUrl=https%3A%2F%2Fpostureinfohub.com%2F&PublisherDomain=https%3A%2F%2Fpostureinfohub.com

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

5a8ecf03f117a4cc9288354285445180a6cd2c1fce370521c4ff0813cb843efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:33 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://postureinfohub.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 83
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 536
expires: 0

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
75 B 56ms
28ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://postureinfohub.com
access-control-allow-credentials: true
cf-ray: 7002c1251c929bd0-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
439 B 53ms
26ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://postureinfohub.com
access-control-allow-credentials: true
cf-ray: 7002c1251c939bd0-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 59ms
31ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://postureinfohub.com
access-control-allow-credentials: true
cf-ray: 7002c1251c949bd0-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 64ms
37ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,onemobile,onetag,pulsepoint,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://postureinfohub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://postureinfohub.com
access-control-allow-credentials: true
cf-ray: 7002c1251c969bd0-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=325392f6-04f8-420c-ab9f-f242548d81a4&us_privacy=1---

86 B
455 B

7ms
7ms

Image
image/png

18.192.242.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=325392f6-04f8-420c-ab9f-f242548d81a4&us_privacy=1---
Protocol: H2
Server: 18.192.242.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

location: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=325392f6-04f8-420c-ab9f-f242548d81a4&us_privacy=1---
date: Sat, 23 Apr 2022 01:16:33 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2 200 wp-emoji-release.min.js Show response
postureinfohub.com/wp-includes/js/ 18 KB
5 KB 32ms
32ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5c3c4b20f3096c37f00d79fe0c4234f888926728ba3eddd94c8d6395266741f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;aef97faec5950e92cfb98b885fb528d0;2-218032-15;38844d94-a667-4804-75fc-3619f72a0a48
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"60fd0cd6-4705-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.48% 18094 / 18181

GET
H2 200 adsbygoogle.js Show response
postureinfohub.com/ezossp/https/pagead2.googlesyndication.com/pagead/js/ 138 KB
46 KB 70ms
69ms Script
text/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://postureinfohub.com/ezossp/https/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4916289523661847&screx=1&sxcb=1a

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

c9219320c936753eb8d6060058f4bfc967c95cea82f7b929f7483291e91880dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
x-ezoic-cdn: Miss
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
x-middleton-display: staticcontent_sol
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: cafe
x-origin-cache-control: private, max-age=3600
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
etag: 6922614220999426746
timing-allow-origin: *
expires: Sat, 23 Apr 2022 01:16:33 GMT

GET
H2 200 frontend.js Show response
postureinfohub.com/wp-content/plugins/link-whisper-premium/js/ 6 KB
2 KB 23ms
21ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/link-whisper-premium/js/frontend.js?screx=1&sxcb=1a&ver=1639117093
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ca04d26010ca412e51fc3fd8d4912543db0adfc724c18269645cf643629a367b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;3f4757923043033f471454c896c83539;2-218032-15;ef9b8986-7963-4149-5c50-fde303093e37
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1716
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"61b2f125-25c3-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 38.01% 6052 / 9763

GET
H2 200 js.cookie.min.js Show response
postureinfohub.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 1 KB
912 B 21ms
20ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?screx=1&sxcb=1a&ver=3.0.0
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ca44caa743f976b97e6bbca105b2ba1493a8695d8552738700e00433e24044b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;e117ff1f31c67cf4235d8f741ebd0048;2-218032-15;108d3d76-ac1a-4f87-4503-34573db709e0
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 675
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"6091db31-5dc-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.26% 1530 / 1534

GET
H2 200 parallax.min.js Show response
postureinfohub.com/wp-content/plugins/gp-premium/elements//assets/js/ 404 B
364 B 26ms
25ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/gp-premium/elements//assets/js/parallax.min.js?screx=1&sxcb=1a&ver=1.8.3
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 080e5601078819b7f6e65224dd51e9bf010e30a22c37ba95281efef78800800b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;465dbbcf72fe8ee787a4c1d0ac28ad75;2-218032-15;3dd92e92-5327-407e-4ea2-e21769d8c205
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 211
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"5f657480-195-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.25% 404 / 405

GET
H2 200 forms.js Show response
postureinfohub.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 6 KB
3 KB 28ms
28ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?screx=1&sxcb=1a&ver=4.8.7
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31e46a485be66da172d95fd7d8abf26fa35b65b78748b0c4b0af3108d98a4032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 UTC
content-encoding: br
x-origin-cache-control: max-age=31536000
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;5f00a94995a7cc1f4f04a0fd840313d2;2-218032-15;14b76e5c-3f6f-44ac-6826-566997c1532e
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2436
response: 200
last-modified: Thu, 14 Apr 2022 18:12:37 GMT
server: nginx
etag: W/"622d578a-1842-gzip"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.05% 6303 / 6306

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/159756/ Frame 37C4
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/159756/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

864 KB
201 KB

15ms
8ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/159756/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b4c726433fe66ef3c033576e87b1ddbb18950d60f72679a58d6f2afe346d329

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: br
last-modified: Thu, 21 Apr 2022 16:20:10 GMT
age: 118397
etag: "a883e207da8f4e723e30a6028c8f66bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 205823

Redirect headers

location: https://cds.connatix.com/p/159756/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Sat, 23 Apr 2022 01:16:33 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 348 B
180 B 265ms
265ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=4440055038452645&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=13&adks=3506309094&sfv=1-0-38&ecs=20220423&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7376814837707077%26eid%3D7376814837707077%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpostureinfohub_com-medrectangle-2-7376814837707077%26eb_br%3D8c5ffefb122f59a66a8b7672d4452af2%26eba%3D1%26asau%3D6150187837%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D36%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C17%2C2351%2C2610%2C2761%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%26lb%3D100%26reqt%3D1650676592642&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676593649&lmt=1650676593&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=315&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

62d0470a5034e5ef49d9f25beb651d9a7f52fb14bf7704d0e83a27253b51adf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 370ms
370ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=116118397924853&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C320x100%7C120x240%7C200x200%7C180x150%7C336x280%7C300x250%7C234x60%7C320x50%7C125x125&fluid=height&ifi=14&adks=3380762877&sfv=1-0-38&ecs=20220423&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D900992943744399%26eid%3D900992943744399%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1161%26sap%3D1161%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpostureinfohub_com-banner-2-900992943744399%26eb_br%3Da7a863b24978e69c4cdbb5a49be70d5e%26eba%3D1%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26br1%3D34%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C17%2C19%2C2351%2C2610%2C2688%2C17%2C19%2C2351%2C2610%2C2688%2C2693%26lb%3D90%26reqt%3D1650676592643&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676593672&lmt=1650676593&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=1067&adys=1125&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=332x-1&msz=332x-1&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

7c39dbe95379fae8c06c18f8f9c8947ed55f8213fa8695073b2863c4a8ba4e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9731
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://postureinfohub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H2 200 hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/159756/ Frame 37C4 0
47 KB 14ms
14ms Other
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/159756/hls.5b3b785f487abbe00eee.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: br
last-modified: Thu, 21 Apr 2022 16:20:11 GMT
age: 118398
etag: "182f65d040bfb9544bd8f71472475672"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48258

GET
H2 200 player.css
cds.connatix.com/p/159756/ 56 KB
9 KB 15ms
14ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/159756/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: br
last-modified: Thu, 21 Apr 2022 16:20:11 GMT
age: 118397
etag: "563e0ae70a190337a57b9f3faf012f8e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8661

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 37C4 7 KB
4 KB 145ms
145ms XHR
application/x-protobuf 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=159756&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c477d2f82c191b86231d1842e95b2bcd837a6384c216b68801ab5c8cfe404387

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 23 Apr 2022 01:16:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://postureinfohub.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3992

POST
H/1.1 200
OK sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 37C4 0
319 B 563ms
105ms XHR
application/x-protobuf 18.218.108.208

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=159756&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.108.208 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://postureinfohub.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 15ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28697
x-xss-protection: 0
server: sffe
etag: "1194 / 652 of 1000 / last-modified: 1650665358"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Apr 2022 01:16:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 37C4 376 KB
126 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:829::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128368
x-xss-protection: 0
expires: Sat, 23 Apr 2022 01:16:34 GMT

GET
H2 200 5.png
img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/ 5 KB
5 KB 14ms
6ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: br
age: 3261677
etag: "WyY66hWo5OdoXuQtIRPU7kBpkP2OfioY7IdwgbKwCN4"
access-control-max-age: 86400
fastly-io-info: ifsz=5795 idim=59x61 ifmt=png ofsz=5076 odim=59x61 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 5081

POST
H/1.1 200
OK g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 37C4 640 B
788 B 491ms
177ms XHR
application/x-protobuf 18.218.108.208

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=159756&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.108.208 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://postureinfohub.com
transfer-encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true

GET
H3 200 container.html Show response
bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9680 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:29 GMT
expires: Sun, 23 Apr 2023 01:16:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
64 B 309ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTAwOTkyOTQzNzQ0Mzk5IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidW5pdCI6ImRpdi1ncHQtYWQtcG9zdHVyZWluZm9odWJfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJhZF9wb3NpdGlvbiI6MTE2MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjkwMDk5Mjk0Mzc0NDM5OSIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExNjEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImE3YTg2M2IyNDk3OGU2OWM0Y2RiYjVhNDliZTcwZDVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDA5OTI5NDM3NDQzOTkiLCJkb21haW5faWQiOiIyMTgwMzIiLCJ1bml0IjoiZGl2LWdwdC1hZC1wb3N0dXJlaW5mb2h1Yl9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2NTA2NzY1ODgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDM0LCJhZF9wb3NpdGlvbiI6MTE2MSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMzQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDA5OTI5NDM3NDQzOTkiLCJkb21haW5faWQiOiIyMTgwMzIiLCJ1bml0IjoiZGl2LWdwdC1hZC1wb3N0dXJlaW5mb2h1Yl9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2NTA2NzY1ODgsImFkX3Bvc2l0aW9uIjoxMTYxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDQ4NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTAwOTkyOTQzNzQ0Mzk5IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidW5pdCI6ImRpdi1ncHQtYWQtcG9zdHVyZWluZm9odWJfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJhZF9wb3NpdGlvbiI6MTE2MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:36 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:36 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
110 B 308ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTAwOTkyOTQzNzQ0Mzk5IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidW5pdCI6ImRpdi1ncHQtYWQtcG9zdHVyZWluZm9odWJfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJhZF9wb3NpdGlvbiI6MTE2MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wNC0yMyJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:33 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:33 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 army.gif Show response
postureinfohub.com/porpoiseant/ 0
64 B 308ms
8ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiOTAwOTkyOTQzNzQ0Mzk5IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidW5pdCI6ImRpdi1ncHQtYWQtcG9zdHVyZWluZm9odWJfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJhdWN0aW9uX2Vwb2NoIjoxNjUwNjc2NTk0LCJhZF9wb3NpdGlvbiI6MTE2MSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImJpZF9mbG9vcl9pbml0aWFsIjoxODAsImJpZF9mbG9vcl9wcmV2Ijo5MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MzQsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM5MSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: postureinfohub.com
URL: https://postureinfohub.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y55-1y59-21y5d-20&cmbcb=48&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x55x59x5d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Sat, 23 Apr 2022 01:16:34 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Fri, 22 Apr 2022 01:16:34 GMT
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 68B3 624 B
297 B 18ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjHgujGATAB&v=APEucNVb_FZwHyqjkkJ96FjIrysl95X6sARWdbbfHxVEvFLooLkmPvlznKjLDDkOPohvKffGpueT9STOzNb4T8QbNv-niuJQaXsb-vjvn_cgCKZlRfMtCpdZR0jfpExUZZ-7auJ7QT-5jMHOIc7fYBYly4eobAH5ohXEGGouwAfIdP532_tXm7H_b690hu7ORzfP7P5m62BMzFM_VSFRUDFQKPn2phxC6g

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9680 82 KB
33 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEgwa2-5PrGYmoyby9sUMDdOYTwyFKPXfJSI00pWK2G9akV1OQlJG2RoPSt93zhvPNHM6vbarmIQi7zVaM2uFv2_pDb7vJkd_O4JPzi-WAzNJl_sOFJfYJnzVRCprTrAAoIzh7-lWqq5itTdbnvOQjXPEZ6A&dbm_d=AKAmf-C36TH920fRsH4V5ZkypDG7k5bG6xy0qr4WFWANOXyV-yG7XVbI-Tg50C3TSLFz-IQQoyUn9VINd3XNmhjLnRAE8yvgz3tbaCanxB2evKSurZwNceuTJDXQED_xZDtlbCWG7hxwjJGMoIbkIfLMmIWdIGdt4K1PPLVnNQVMD0drwGwsYIhlgd9DBHE1fW9rZatPW-nOLZOy3fu1qzup78uZpG9YFLh-LZ_yL4naC58JaE9kobDU4wHP1XMsNkDx3XTQa611VW7qzqtB5SKTLnM5HRdDGfyuUaCt-qpT7JLqpQSZcQQ9lbBKSZ1VqvOuA9PXyZNo1PbWP-o-gd-X4sn0D4Kx0RMWRZ-h5qvfgIt_zYyIBRj1yhobhoyYAWeBI_In9GApJ02x1jLEsH6yQuM7goqtsyX3ezG7w885C2uQ62BowBIsZo40O2qRhKfkNOose_P9srs6ucO_KjesAQclzHb3PQEd8GFgkjvdSPLauUeeuOW6NYum1Uu8Sa_CYPHvD-3WWd8LlcoCwJMMAYufPiONvlxyoY6tueiq-sKbU-tv3Yf1yXxmw5VdMrGNU8aB8pCHl-L2AwvWYhI2wOENg2F8AkABUmg86hlUy3VB59YQafRx1CBfsu99t7cH9Hb73rC62PFbfbhpb0R5oQmXpy34fOWS1YPLzWeFlBFIurjC3aBghcx4B3iXxjekiWsNTC9hi82ywI-xz5HXXm0YQvN3vXr32sOemEyqfI-9TPX6O6tFn6Tms4rr4Ec0KKmOcmy8EvAFizRH_kGWYyG0MnCzGH7XUIXmkTgYnBHLf842GhiJiSV90kGwgOoL5buf-RrzjQcTEUodAFc1qAJmeBLdiegUs8_ykoeVnRvYMrecTt2mX1ZGJhObgohRYwODOxG1UoWJ1dGsBKAKTLg3VNN2zdn_SsJj9P_Mpsa7v1-bnJ6lG08TSwH2iL2sVcQ-nCB97O5zE9HiAt66osTdHOku0gSMv04_LVLF39oV3qu9OkgQMg7kmsgic0BX7S1_6hGBdYsP1f0mnij0CMuRchDoGPWU5HzWNL5BN4cXzaBpnjmzDVilDffYML3bM7Wnk3WZeRQ0LMEV5BTjTrdHiq28z_-rf5UtHP3J-yHqunHxwL4Kv9bdU5mFCpBZZmOltzsuT3u-9g4wk6QfUD07GjsDEcQf4DNb-gup_kY6v5D8Y5u2GPM5ZcFw_EfUT7tZD1HTd5OXIwdrV6OWSk2b5ZE30Xu0CtP7YtRff13Isde-_me7Ko_VidNj4G3UKYafT7HmGhYctP7OqH9Iz6qOqYLZ5jcCbI5XAeZYo8FMRuYB6nxphz-aZVn9QZvEy7B7wz61mmZu8LEaZruhnJxWhiyNAQ_W9kbthD2oJfW2zqy8mHVjna9dupjY6RWUp_Qo_agU0JUkHXiRp2pJoKdYdMuQerhpxRDt-PY9wdmoc8V-ztfireHxhNSD9pdNNuiVJ1wG9xmWEMl85tq3xfBEipqkq5KAUQ4wYxLroFHiEAICIRsWop-Gni8zKVCYlwf4gOFr5Yq-3hTmJ3-6_hnrGPoKErI-xyI7nJZAMgpRfOz6nh1EHg-cGoCJETRx-NoC8HxWBJiqVcPWlnzqsCQ4jPiSftft5hYfMyre6FhqlbNVKEsDHrlfvtNkHeRCgflS8X7PvQQY2JmhogsQEC5cmYt-UNGHbmraUY8UPLbHXqcbd-uMPHrADZ1qImCtepC4-IXHRyM2nnBn4pJ6NSYHzsh__w6VqBxnaO23-GhzHLc19AHhZnKQ_UVI0PpwJD5GOOlSgwqPvBZBkCSguHXESwyPTCtxSYUatJKqCUlmfw40Ug-c6b8A1eFfH0t-sToNl7ImVjIMp1SE3-wdhuAlCDFYju-saNG_cvdvp_TS7vCkYLyQTD7NXKjlRkBpH9sLo7GlzYvltD98vESwYflUdpo3K_ULl2VRKrIZy429C7HE4lQGRzkUeT5d3F-407wtd-R8oatZ7KshL5CzBLW8f2c5PVkEKeKCQ9tiGUd0jASNuixXRAYJ_Ixz7e3Q6YVIq-6aWt0ED75Dik0KB_1SJk9K4x0cyOavlTaCt9V-K_HRGKsEkF4TiYlY6C5IbHldSBCpCiwAZ00sUQl_29QuSK3CJsqjJ_iGG9c30qK8E_F4sK9gqUrresoAWAzofKZYcZEvDgC2VqUHOqWupMTYTDshb_8l77eCw97f2gdAR6HAbnT_QvLx28hb_QFAmr7gQY1AJaElNwBes3QHmeOsgEdBDXibGQ0qxHg28SwNWvxvkYwMQTD1m4q-Bg-rAfYYPLIhRKht1ea3_dswLEEDtKNiKlAFM54PYZ1KA4bpqAbMunrwP6FMk6AGoyCsH3BrIF9hfGH3L60VXhLcU0bX-iIIj5WSKLb3jXyVYxcY74GUo29NaqT3nz-bcs49zbxPFvVDAP9s8AK6qyMJihOeHAkeoTQHELQmWekFffAAg3x55C8A_Cdt_wlVnB4DlWIlY1MUCMM10Ay6jHAd1Td63AWYIJ87bLkqq9KY2fWIECQp9OutJ7Gyv50nY_shv17pyP_NFhpCyu4VYAD1NVkEFATULAUx2EWT8boKXvrUrjau3Q-Cnuu-3gryDfsHb10odf3MXkFRZOKxrc-vQV5rLW_p4djQfxfXpujYBKrhgz33MXM0JHvyFWMGLu1T1VXUHtjy7Lj6yDXZohlJeCHqWPID4peIL6AId5TThlPYFwtQUqFiHuDpZ-HmG6xA_VemwgcsbVSX6_Y2zYdkDbccCs3sguurTyib-GgyG74spcLZL6f_mqdRLzjcQnz_GtpeJPpxw5TIrV3ejW6g_8BMUOPgb7bWRl82b5ZiIODkHaDCEqEKJFROwBYpiy2R3BQknfkyKTWafzWR2BFpj0nZ250GFXTyWw-KqSam2cFWX2kEjCcblCD3H-wsHT5Ym5tDGi699pptnxy9za5mfC8Bh3QGdFQjLwCji2nUqV9ftNKA6xzVj7u6XeJACXIU1pmt21XXIu0oWoy2sdmiqoc7SrlugX6_ELNAwc_K911h1O0BoBHBfZaOpCJKoo-rKOo9tkUdrmdVRidH0KGgybXX2J24VrI8Vz7fKY3em4F56B3AgvnptsR4oPefNdNlDkcxQnbUdQISA1-P-OnSpdRAXhv0jW3wAs_jaeA4jihstY54RhtZHuU0CTsqqDIOQqgxjhg3r6d2cp1qLRVvEp0RD2PpMS1TYo-smavLXCy44b4vd7Y_w73HGMAR8_MdM5Yjr8OGKOgDZ-hccj8EIq39GSF2_g&cid=CAASJeRoBlEvIkuTzf-3K7AqqMl_mNfoTcv7qiiLHo73mb0fjMetV8A&rfl=1%2Chttps%253A%252F%252Fpostureinfohub.com%252F%240

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a4f8d711adc0905d293a96f06d9a7fcadbe5d642410b835065c7359c9d1751b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33885
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9680 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQ_LFK4vZrGvPekZB89UR4jFYHOMvOIHXtR0uTJ90DMPgDJ7CoeOsMezETFZ3LYUdjKEO3x7u9zxHBO0mmdDYk5lxeHJbT7nEhc4DKuDYu-1iRZRM

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 9680 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 00:51:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9680 119 KB
36 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:16:34 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 9680 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 01:00:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9680 0
0 15ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTf7KkA9QsjgQlrA59RmEjKCfUQ3tP-vfa4-RVOZgKY9W0TAz6dGbJblFS_Anu8XIV1P1i9Gxe6y_PlvYi9_9HOD0Euvg
Requested by: Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D1C7 630 KB
205 KB 22ms
7ms Document
text/html 2a00:1450:4001:829::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:57:45 GMT
expires: Thu, 20 Apr 2023 19:57:45 GMT
last-modified: Wed, 20 Apr 2022 19:54:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 37C4 44 KB
17 KB 95ms
19ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Apr 2022 01:16:34 GMT

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5C02 630 KB
205 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:57:45 GMT
expires: Thu, 20 Apr 2023 19:57:45 GMT
last-modified: Wed, 20 Apr 2022 19:54:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.512.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CA12 630 KB
205 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://postureinfohub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 191929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209474
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:57:45 GMT
expires: Thu, 20 Apr 2023 19:57:45 GMT
last-modified: Wed, 20 Apr 2022 19:54:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7897 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:36:10 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E9F0 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:36:10 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1356 37 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Apr 2022 01:36:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1&C=1

43 B
1014 B

20ms
20ms

Image
image/gif

23.35.236.247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjHgujGATAB&v=APEucNVb_FZwHyqjkkJ96FjIrysl95X6sARWdbbfHxVEvFLooLkmPvlznKjLDDkOPohvKffGpueT9STOzNb4T8QbNv-niuJQaXsb-vjvn_cgCKZlRfMtCpdZR0jfpExUZZ-7auJ7QT-5jMHOIc7fYBYly4eobAH5ohXEGGouwAfIdP532_tXm7H_b690hu7ORzfP7P5m62BMzFM_VSFRUDFQKPn2phxC6g
Protocol: HTTP/1.1
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 01:16:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Apr 2022 01:16:34 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 01:16:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 23 Apr 2022 01:16:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68B3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmNTcpBpB4ub5NXChOI8mgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1

43 B
894 B

21ms
21ms

Image
image/gif

23.35.236.247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjHgujGATAB&v=APEucNVb_FZwHyqjkkJ96FjIrysl95X6sARWdbbfHxVEvFLooLkmPvlznKjLDDkOPohvKffGpueT9STOzNb4T8QbNv-niuJQaXsb-vjvn_cgCKZlRfMtCpdZR0jfpExUZZ-7auJ7QT-5jMHOIc7fYBYly4eobAH5ohXEGGouwAfIdP532_tXm7H_b690hu7ORzfP7P5m62BMzFM_VSFRUDFQKPn2phxC6g
Protocol: HTTP/1.1
Server: 23.35.236.247 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 01:16:34 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Apr 2022 01:16:34 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwqedIRo--dXHL0bswMowY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 68B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIo-dN5nO-Ql6kV7xH3Pz0k&google_cver=1

43 B
1014 B

13ms
13ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIo-dN5nO-Ql6kV7xH3Pz0k&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjHgujGATAB&v=APEucNVb_FZwHyqjkkJ96FjIrysl95X6sARWdbbfHxVEvFLooLkmPvlznKjLDDkOPohvKffGpueT9STOzNb4T8QbNv-niuJQaXsb-vjvn_cgCKZlRfMtCpdZR0jfpExUZZ-7auJ7QT-5jMHOIc7fYBYly4eobAH5ohXEGGouwAfIdP532_tXm7H_b690hu7ORzfP7P5m62BMzFM_VSFRUDFQKPn2phxC6g

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 01:16:34 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: efc8aee4-a9de-49be-81e9-c8ad41194a41
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIo-dN5nO-Ql6kV7xH3Pz0k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68B3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0NTA0OTg0OTEyNDAxMDY5NA%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0NTA0OTg0OTEyNDAxMDY5NA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 01:16:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Apr 2022 01:16:34 GMT
X-Proxy-Origin: 193.27.14.37; 193.27.14.37; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e2b1795-6853-40c0-b1b1-d82179a498fd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE0NTA0OTg0OTEyNDAxMDY5NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postureinfohub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://postureinfohub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9680 169 KB
59 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Origin: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Apr 2022 08:22:06 GMT

GET
H3 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 9680 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEgwa2-5PrGYmoyby9sUMDdOYTwyFKPXfJSI00pWK2G9akV1OQlJG2RoPSt93zhvPNHM6vbarmIQi7zVaM2uFv2_pDb7vJkd_O4JPzi-WAzNJl_sOFJfYJnzVRCprTrAAoIzh7-lWqq5itTdbnvOQjXPEZ6A&dbm_d=AKAmf-C36TH920fRsH4V5ZkypDG7k5bG6xy0qr4WFWANOXyV-yG7XVbI-Tg50C3TSLFz-IQQoyUn9VINd3XNmhjLnRAE8yvgz3tbaCanxB2evKSurZwNceuTJDXQED_xZDtlbCWG7hxwjJGMoIbkIfLMmIWdIGdt4K1PPLVnNQVMD0drwGwsYIhlgd9DBHE1fW9rZatPW-nOLZOy3fu1qzup78uZpG9YFLh-LZ_yL4naC58JaE9kobDU4wHP1XMsNkDx3XTQa611VW7qzqtB5SKTLnM5HRdDGfyuUaCt-qpT7JLqpQSZcQQ9lbBKSZ1VqvOuA9PXyZNo1PbWP-o-gd-X4sn0D4Kx0RMWRZ-h5qvfgIt_zYyIBRj1yhobhoyYAWeBI_In9GApJ02x1jLEsH6yQuM7goqtsyX3ezG7w885C2uQ62BowBIsZo40O2qRhKfkNOose_P9srs6ucO_KjesAQclzHb3PQEd8GFgkjvdSPLauUeeuOW6NYum1Uu8Sa_CYPHvD-3WWd8LlcoCwJMMAYufPiONvlxyoY6tueiq-sKbU-tv3Yf1yXxmw5VdMrGNU8aB8pCHl-L2AwvWYhI2wOENg2F8AkABUmg86hlUy3VB59YQafRx1CBfsu99t7cH9Hb73rC62PFbfbhpb0R5oQmXpy34fOWS1YPLzWeFlBFIurjC3aBghcx4B3iXxjekiWsNTC9hi82ywI-xz5HXXm0YQvN3vXr32sOemEyqfI-9TPX6O6tFn6Tms4rr4Ec0KKmOcmy8EvAFizRH_kGWYyG0MnCzGH7XUIXmkTgYnBHLf842GhiJiSV90kGwgOoL5buf-RrzjQcTEUodAFc1qAJmeBLdiegUs8_ykoeVnRvYMrecTt2mX1ZGJhObgohRYwODOxG1UoWJ1dGsBKAKTLg3VNN2zdn_SsJj9P_Mpsa7v1-bnJ6lG08TSwH2iL2sVcQ-nCB97O5zE9HiAt66osTdHOku0gSMv04_LVLF39oV3qu9OkgQMg7kmsgic0BX7S1_6hGBdYsP1f0mnij0CMuRchDoGPWU5HzWNL5BN4cXzaBpnjmzDVilDffYML3bM7Wnk3WZeRQ0LMEV5BTjTrdHiq28z_-rf5UtHP3J-yHqunHxwL4Kv9bdU5mFCpBZZmOltzsuT3u-9g4wk6QfUD07GjsDEcQf4DNb-gup_kY6v5D8Y5u2GPM5ZcFw_EfUT7tZD1HTd5OXIwdrV6OWSk2b5ZE30Xu0CtP7YtRff13Isde-_me7Ko_VidNj4G3UKYafT7HmGhYctP7OqH9Iz6qOqYLZ5jcCbI5XAeZYo8FMRuYB6nxphz-aZVn9QZvEy7B7wz61mmZu8LEaZruhnJxWhiyNAQ_W9kbthD2oJfW2zqy8mHVjna9dupjY6RWUp_Qo_agU0JUkHXiRp2pJoKdYdMuQerhpxRDt-PY9wdmoc8V-ztfireHxhNSD9pdNNuiVJ1wG9xmWEMl85tq3xfBEipqkq5KAUQ4wYxLroFHiEAICIRsWop-Gni8zKVCYlwf4gOFr5Yq-3hTmJ3-6_hnrGPoKErI-xyI7nJZAMgpRfOz6nh1EHg-cGoCJETRx-NoC8HxWBJiqVcPWlnzqsCQ4jPiSftft5hYfMyre6FhqlbNVKEsDHrlfvtNkHeRCgflS8X7PvQQY2JmhogsQEC5cmYt-UNGHbmraUY8UPLbHXqcbd-uMPHrADZ1qImCtepC4-IXHRyM2nnBn4pJ6NSYHzsh__w6VqBxnaO23-GhzHLc19AHhZnKQ_UVI0PpwJD5GOOlSgwqPvBZBkCSguHXESwyPTCtxSYUatJKqCUlmfw40Ug-c6b8A1eFfH0t-sToNl7ImVjIMp1SE3-wdhuAlCDFYju-saNG_cvdvp_TS7vCkYLyQTD7NXKjlRkBpH9sLo7GlzYvltD98vESwYflUdpo3K_ULl2VRKrIZy429C7HE4lQGRzkUeT5d3F-407wtd-R8oatZ7KshL5CzBLW8f2c5PVkEKeKCQ9tiGUd0jASNuixXRAYJ_Ixz7e3Q6YVIq-6aWt0ED75Dik0KB_1SJk9K4x0cyOavlTaCt9V-K_HRGKsEkF4TiYlY6C5IbHldSBCpCiwAZ00sUQl_29QuSK3CJsqjJ_iGG9c30qK8E_F4sK9gqUrresoAWAzofKZYcZEvDgC2VqUHOqWupMTYTDshb_8l77eCw97f2gdAR6HAbnT_QvLx28hb_QFAmr7gQY1AJaElNwBes3QHmeOsgEdBDXibGQ0qxHg28SwNWvxvkYwMQTD1m4q-Bg-rAfYYPLIhRKht1ea3_dswLEEDtKNiKlAFM54PYZ1KA4bpqAbMunrwP6FMk6AGoyCsH3BrIF9hfGH3L60VXhLcU0bX-iIIj5WSKLb3jXyVYxcY74GUo29NaqT3nz-bcs49zbxPFvVDAP9s8AK6qyMJihOeHAkeoTQHELQmWekFffAAg3x55C8A_Cdt_wlVnB4DlWIlY1MUCMM10Ay6jHAd1Td63AWYIJ87bLkqq9KY2fWIECQp9OutJ7Gyv50nY_shv17pyP_NFhpCyu4VYAD1NVkEFATULAUx2EWT8boKXvrUrjau3Q-Cnuu-3gryDfsHb10odf3MXkFRZOKxrc-vQV5rLW_p4djQfxfXpujYBKrhgz33MXM0JHvyFWMGLu1T1VXUHtjy7Lj6yDXZohlJeCHqWPID4peIL6AId5TThlPYFwtQUqFiHuDpZ-HmG6xA_VemwgcsbVSX6_Y2zYdkDbccCs3sguurTyib-GgyG74spcLZL6f_mqdRLzjcQnz_GtpeJPpxw5TIrV3ejW6g_8BMUOPgb7bWRl82b5ZiIODkHaDCEqEKJFROwBYpiy2R3BQknfkyKTWafzWR2BFpj0nZ250GFXTyWw-KqSam2cFWX2kEjCcblCD3H-wsHT5Ym5tDGi699pptnxy9za5mfC8Bh3QGdFQjLwCji2nUqV9ftNKA6xzVj7u6XeJACXIU1pmt21XXIu0oWoy2sdmiqoc7SrlugX6_ELNAwc_K911h1O0BoBHBfZaOpCJKoo-rKOo9tkUdrmdVRidH0KGgybXX2J24VrI8Vz7fKY3em4F56B3AgvnptsR4oPefNdNlDkcxQnbUdQISA1-P-OnSpdRAXhv0jW3wAs_jaeA4jihstY54RhtZHuU0CTsqqDIOQqgxjhg3r6d2cp1qLRVvEp0RD2PpMS1TYo-smavLXCy44b4vd7Y_w73HGMAR8_MdM5Yjr8OGKOgDZ-hccj8EIq39GSF2_g&cid=CAASJeRoBlEvIkuTzf-3K7AqqMl_mNfoTcv7qiiLHo73mb0fjMetV8A&rfl=1%2Chttps%253A%252F%252Fpostureinfohub.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 23:46:32 GMT

GET
H3 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 9680 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 01:02:22 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 300x250.html
s0.2mdn.net/sadbundle/5005625392589963264/ Frame D082 45 KB
11 KB 30ms
15ms Document
text/html 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 01:16:34 GMT
expires: Sun, 23 Apr 2023 01:16:34 GMT
last-modified: Fri, 11 Feb 2022 09:35:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9680 0
466 B 65ms
51ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOlzLKE3cyHhJiIcD9wStRIL9FYL0kaOZ27DoqBPnLBlzojit-EC1FlW4QFNLr2sGCzfG9fEsv_KJGsvN-55SNcJceGOIKgKRtM9CrkexRVCwmZa4emGSAai1BTXonbrOEOjm-OvCiS56izKh-Z_fTd1uIQwpJk0NMSjitcL4OlSFGuZ5Vh2qDwhItZrEAvHQL7GD4szvfnFIZH-Om7rZBYKLf2Lv2kRxhYnyeB_6wJTmDbCv9gOZF7TVRyUg0jJAPmLkMA-4J2BBZ--tPUXOMwW2A2mkeRnZpTQBTVSAZvUfKkYUpOt3bAuC9cUTr-aqj_wtt-RYHupviS3Ce3-hnta3zTUzz-uPKbExUJ5dCTLpqjJfVexbW26gQLYGFdrgvYDjzVRqhkzobSDBr9WiU_YBYqgYATcLWcwcP6Ew_4zkipr1YyXKUMjq21BdB0UP5yMpJ1goBcnB2kRHc1uSxWMpsIs9S7srWUpnZiVQji2-tCZNi7lOnEQTBvOMW9jI-7tuQjWFzMq7QQJZNtzxBNgLkB7hQvFV3up4cNK4dK9fSbJRNhAbPKHdR8SEO8oSEvQUQnaEv3HdTn_NDyXPfNGWEWEfzCSKFnDfS7m0eXN0gW0sLyh1f7HWAyGMYIp6QIlMB9604XqpqSMSYE0Oq2303UdBxkl6b8WsTYQF8ViD3CYr6VQSjFXsQ71djbkFYgJeZxTK2toxatURHNnDTOtDPuU84BOunbDDXmASQksYiCuWu0Nk5YHu--3Floac9QYeIyjXLbkmKG6ssjOSPcExc-fvBdcCKYhxrdsa20fLigIM0nDxg2-hzEItuV8z_vS2USLqSzIu9fDDXvUK2YFdl2-tTXX2oMvcxPpkBKayNNBHUEWsPQxLnS4KFX0Ns4fwigzuEELevHH8rAIeVBTNKZvaG6F_ECUNTUh0cSP-GlhHji2nmXhi0vK7qZyIRBdn1jtMHSmKmGHkIDHIkctcC_5DVv0FJ7LA7w5Hdm0p3gCDNaNf36wY_fntmahy0K0SIT0g8Qn2LX4y5I06BmXP1CIAAAC-P_X397SIAH4Y5DLERRUmx0AYuGf_zwCcet4ZwwZazr1_LyycfLrB-9EmV7F4JINj18RlFSFVtycVS8Xifv0A5N0eDiYTwG704JNhbs2B4gSOtnm5mxIn7xofC2sRu6WTUKcCmYdJ2C7g1Y-K8F1vB1C1ArWs-ZybBx8q0DAo9GaPzXZNuuMO4epJefceZwChEq6KWNmHa0LpbAWdOGvIYgv6geK4vyP5eifmtbAXyO49u-B0W1EjroQ&sai=AMfl-YRhaMAGP5txvA5IdMqWd_TB-hakv6wZK_kSWyeaP8on9KcHlvzTgHQNVluT0JXsh2QwsIq0dJAgq2yPKEhy4oRyNz5nlSh6PQsH0JcD3AEVlaVAevLKcrRbQ58Vl_W1yw_qjzVNGwl_0bVLDNCGIOxkmRF9gJqx6eHSIQfXWxJwUWkD1GSh3biHjcMy0OaBKlNQHHfIAXqrm6c__SB5YWuY&sig=Cg0ArKJSzH3rnG64fzh6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&cbvp=1&cstd=267&cisv=r20220420.87437&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: postureinfohub.com
URL: https://postureinfohub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 23 Apr 2022 01:16:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9680 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:56:20 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BBAE 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 23 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9680 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1B69 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 231614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:56:20 GMT
expires: Thu, 20 Apr 2023 08:56:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js
s0.2mdn.net/879366/ Frame D082 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Apr 2022 15:41:18 GMT

GET
H3 200 gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D082 60 KB
24 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5005625392589963264/300x250.html?e=69&leftOffset=0&topOffset=0&c=c5A1nj3uNc&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Apr 2022 01:16:34 GMT

GET

sync
x.bidswitch.net/ul_cb/ Frame BBAE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJkAybs8O5iLQS4R9DNBkJc&google_cver=1&google_push=AYg5qPIHEXna4ngUVLvlGQPVhfWsBxC-XBJkb3DVlIE5ymODFpYmYa1fVjZE0KXnw-PhacJJVo3GUbUKb54NFQfYn7nF...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJkAybs8O5iLQS4R9DNBkJc&google_cver=1&google_push=AYg5qPIHEXna4ngUVLvlGQPVhfWsBxC-XBJkb3DVlIE5ymODFpYmYa1fVjZE0KXnw-PhacJJVo3GUbUKb54NFQ...

0
0

GET /
s.uuidksinc.net/match/47/ Frame BBAE 0
0

GET UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BBAE 0
0

GET us
sync.go.sonobi.com/ Frame BBAE 0
0

GET pixelmatch
ap.lijit.com/dsp/google/ Frame BBAE 0
0

GET

pixel
cm.g.doubleclick.net/ Frame BBAE
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEPdveA-eO8z3cbMRgecDOz4&google_cver=1&google_push=AYg5qPJq3RYtSTa7D3eCU6MeCzIjD6ydl6lbocKbKoMNrEzpQfIDumXuNIF5AiyxqQRqVyIwHIu-KV5T0F6l6pRvx3nfjt9eKdc
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJq3RYtSTa7D3eCU6MeCzIjD6ydl6lbocKbKoMNrEzpQfIDumXuNIF5AiyxqQRqVyIwHIu-KV5T0F6l6pRvx3nfjt9eKdc

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BBAE
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPdveA-eO8z3cbMRgecDOz4&google_cver=1&google_push=AYg5qPKX24Zo-24h4jgmHoxQU3xl9X427RAJveKwWe5nm41JuAJZA9djpbAvQM2PDRIR8twrGXU5VkOMjKu...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKX24Zo-24h4jgmHoxQU3xl9X427RAJveKwWe5nm41JuAJZA9djpbAvQM2PDRIR8twrGXU5VkOMjKuvLtFrNPQBMdjHpacXHw

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BBAE 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IngAg3UK2vS9JeAXfWC62mOPhpE55x3NBHrXlNrKGCNzSURAGu6ImLcqI4zk5qnyvqEoG-UA

Requested by

Host: bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
URL: https://bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:16:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
pagead2.googlesyndication.com/bg/ Frame 1B69 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 23:14:56 GMT

POST view
googleads4.g.doubleclick.net/pcs/ Frame 9680 0
0

GET army.gif
postureinfohub.com/porpoiseant/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=3890984366307599&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=15&adks=3513116733&sfv=1-0-38&ecs=20220423&ris=2&rcs=2&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D1099241015697677%26eid%3D1099241015697677%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1156%26sap%3D1156%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpostureinfohub_com-box-1-1099241015697677%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26asau%3D6150187837%26bv%3D12%26bvm%3D0%26bvr%3D2%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D8%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C17%2C19%2C2351%2C2610%2C2688%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%26lb%3D90%26reqt%3D1650676592659&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676593677&lmt=1650676593&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=1109&adys=244&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=332x-1&msz=250x-1&fws=4&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2044522174654308&correlator=2492708597978566&eid=31067094%2C31065517&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Cpostureinfohub_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=16&adks=3506309094&sfv=1-0-38&ecs=20220423&ris=1&rcs=3&fsapi=false&prev_scp=a%3D%257C1%257C%26iid1%3D7376814837707077%26eid%3D7376814837707077%26t%3D134%26d%3D218032%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpostureinfohub_com-medrectangle-2-7376814837707077%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26asau%3D6150187837%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D4%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C17%2C2351%2C2610%2C2761%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%2C2761%26lb%3D36%26reqt%3D1650676594205&eri=1&sc=1&cookie=ID%3De38dec53f7156b61%3AT%3D1650676588%3AS%3DALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA&abxe=1&dt=1650676594256&lmt=1650676594&dlt=1650676588375&idt=262&biw=1600&bih=1200&adxs=315&adys=1110&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fpostureinfohub.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1728887753.1650676589&ga_sid=1650676589&ga_hid=1812489242&ga_fc=true&btvi=0&nvt=1

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJkAybs8O5iLQS4R9DNBkJc&google_cver=1&google_push=AYg5qPIHEXna4ngUVLvlGQPVhfWsBxC-XBJkb3DVlIE5ymODFpYmYa1fVjZE0KXnw-PhacJJVo3GUbUKb54NFQfYn7nFph88Wp4

Domain: s.uuidksinc.net
URL: https://s.uuidksinc.net/match/47/?remote_uid=CAESELNUpaG-hlprbPxOP6MNzG8&c_param1=AYg5qPJDU55ffugmKjnPe1zbUKKcWENJUm4BkUdWu4nh42gBE4-Sdtd0ZgS69l5EMA-UMO9AzVG8H4a3ETVKLdpB7DLA1DoZhPPP&google_cver=1

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKRN9PnJDn6mdG5OluwlnfI&google_cver=1&google_push=AYg5qPL8mRGvy4ntKXo4Ca_V5Ak5JraCBYpY7Y9Fxtn0i4hdLEBgY-OabX7mM3B6Ok1C23dMhYZNWXN6IsHzVkxdi6vXb-mvTnA

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJMQObFs7oP5Bf6OCSHHVvuHgsNSEddJGUQ4qrn6y_FqPI-mv0PuDBs4pLJMu-ahiVmsLbX36o2izSvo2yLBIobdXF4P9g%26google_hm%3D%5BUID%5D&google_gid=CAESEHFyzw7KdCjdrpZ5zT_v9UE&google_cver=1

Domain: ap.lijit.com
URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJ6uLY67MNt6wpiBTDcNi9g&google_cver=1&google_push=AYg5qPI9nUMqc-lvZ3rPlHT_qikwhxjwCSkWdlVCG06515GZ1NBmZ_M4FhAvu1DSy8kC5-w4XaDE9v8ejBXz__e2HvUgNNumf6SO

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJq3RYtSTa7D3eCU6MeCzIjD6ydl6lbocKbKoMNrEzpQfIDumXuNIF5AiyxqQRqVyIwHIu-KV5T0F6l6pRvx3nfjt9eKdc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKX24Zo-24h4jgmHoxQU3xl9X427RAJveKwWe5nm41JuAJZA9djpbAvQM2PDRIR8twrGXU5VkOMjKuvLtFrNPQBMdjHpacXHw

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOlzLKE3cyHhJiIcD9wStRIL9FYL0kaOZ27DoqBPnLBlzojit-EC1FlW4QFNLr2sGCzfG9fEsv_KJGsvN-55SNcJceGOIKgKRtM9CrkexRVCwmZa4emGSAai1BTXonbrOEOjm-OvCiS56izKh-Z_fTd1uIQwpJk0NMSjitcL4OlSFGuZ5Vh2qDwhItZrEAvHQL7GD4szvfnFIZH-Om7rZBYKLf2Lv2kRxhYnyeB_6wJTmDbCv9gOZF7TVRyUg0jJAPmLkMA-4J2BBZ--tPUXOMwW2A2mkeRnZpTQBTVSAZvUfKkYUpOt3bAuC9cUTr-aqj_wtt-RYHupviS3Ce3-hnta3zTUzz-uPKbExUJ5dCTLpqjJfVexbW26gQLYGFdrgvYDjzVRqhkzobSDBr9WiU_YBYqgYATcLWcwcP6Ew_4zkipr1YyXKUMjq21BdB0UP5yMpJ1goBcnB2kRHc1uSxWMpsIs9S7srWUpnZiVQji2-tCZNi7lOnEQTBvOMW9jI-7tuQjWFzMq7QQJZNtzxBNgLkB7hQvFV3up4cNK4dK9fSbJRNhAbPKHdR8SEO8oSEvQUQnaEv3HdTn_NDyXPfNGWEWEfzCSKFnDfS7m0eXN0gW0sLyh1f7HWAyGMYIp6QIlMB9604XqpqSMSYE0Oq2303UdBxkl6b8WsTYQF8ViD3CYr6VQSjFXsQ71djbkFYgJeZxTK2toxatURHNnDTOtDPuU84BOunbDDXmASQksYiCuWu0Nk5YHu--3Floac9QYeIyjXLbkmKG6ssjOSPcExc-fvBdcCKYhxrdsa20fLigIM0nDxg2-hzEItuV8z_vS2USLqSzIu9fDDXvUK2YFdl2-tTXX2oMvcxPpkBKayNNBHUEWsPQxLnS4KFX0Ns4fwigzuEELevHH8rAIeVBTNKZvaG6F_ECUNTUh0cSP-GlhHji2nmXhi0vK7qZyIRBdn1jtMHSmKmGHkIDHIkctcC_5DVv0FJ7LA7w5Hdm0p3gCDNaNf36wY_fntmahy0K0SIT0g8Qn2LX4y5I06BmXP1CIAAAC-P_X397SIAH4Y5DLERRUmx0AYuGf_zwCcet4ZwwZazr1_LyycfLrB-9EmV7F4JINj18RlFSFVtycVS8Xifv0A5N0eDiYTwG704JNhbs2B4gSOtnm5mxIn7xofC2sRu6WTUKcCmYdJ2C7g1Y-K8F1vB1C1ArWs-ZybBx8q0DAo9GaPzXZNuuMO4epJefceZwChEq6KWNmHa0LpbAWdOGvIYgv6geK4vyP5eifmtbAXyO49u-B0W1EjroQ&sai=AMfl-YRhaMAGP5txvA5IdMqWd_TB-hakv6wZK_kSWyeaP8on9KcHlvzTgHQNVluT0JXsh2QwsIq0dJAgq2yPKEhy4oRyNz5nlSh6PQsH0JcD3AEVlaVAevLKcrRbQ58Vl_W1yw_qjzVNGwl_0bVLDNCGIOxkmRF9gJqx6eHSIQfXWxJwUWkD1GSh3biHjcMy0OaBKlNQHHfIAXqrm6c__SB5YWuY&sig=Cg0ArKJSzH3rnG64fzh6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=359&vt=11&dtpt=87&dett=3&cstd=267&cisv=r20220420.87437&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Domain: postureinfohub.com
URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA5OTI0MTAxNTY5NzY3NyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExNTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjMwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDA5OTI5NDM3NDQzOTkiLCJkb21haW5faWQiOiIyMTgwMzIiLCJ1bml0IjoiZGl2LWdwdC1hZC1wb3N0dXJlaW5mb2h1Yl9jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2NTA2NzY1ODgsImFkX3Bvc2l0aW9uIjoxMTYxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjczNzY4MTQ4Mzc3MDcwNzciLCJkb21haW5faWQiOiIyMTgwMzIiLCJ1bml0IjoiZGl2LWdwdC1hZC1wb3N0dXJlaW5mb2h1Yl9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NTA2NzY1ODgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjQ5NDc3NTM0LTE5NWUtNDA4NS03YjBiLTYwZjc0YjkxODgyNyIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyNjIifV0sImlzX29yaWciOmZhbHNlfV0=

Domain: postureinfohub.com
URL: https://postureinfohub.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA5OTI0MTAxNTY5NzY3NyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExNTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTEwOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjQ0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTAwOTkyOTQzNzQ0Mzk5IiwiZG9tYWluX2lkIjoiMjE4MDMyIiwidW5pdCI6ImRpdi1ncHQtYWQtcG9zdHVyZWluZm9odWJfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjUwNjc2NTg4LCJhZF9wb3NpdGlvbiI6MTE2MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0OTQ3NzUzNC0xOTVlLTQwODUtN2IwYi02MGY3NGI5MTg4MjciLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDY3In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTI1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzM3NjgxNDgzNzcwNzA3NyIsImRvbWFpbl9pZCI6IjIxODAzMiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBvc3R1cmVpbmZvaHViX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY1MDY3NjU4OCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNDk0Nzc1MzQtMTk1ZS00MDg1LTdiMGItNjBmNzRiOTE4ODI3IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTEwNCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==

Verdicts & Comments Add Verdict or Comment

320 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.postureinfohub.com/	1970-01-20 02:31:18	Name: ezoadgid_218032 Value: -1
.postureinfohub.com/	1970-01-20 02:31:23	Name: ezoref_218032 Value:
.postureinfohub.com/	1970-01-20 11:16:52	Name: ezosuibasgeneris-1 Value: dd67f600-db74-4153-5ddb-aed05764f9c5
.postureinfohub.com/	1970-01-20 02:31:23	Name: ezoab_218032 Value: mod1
.postureinfohub.com/	1970-01-20 02:34:09	Name: active_template::218032 Value: pub_site.1650676588
.postureinfohub.com/	1970-01-20 02:31:18	Name: ezopvc_218032 Value: 1
.postureinfohub.com/	1970-01-20 02:32:42	Name: ezepvv Value: 1427
.postureinfohub.com/	1970-01-20 02:31:18	Name: ezovid_218032 Value: 764140844
.postureinfohub.com/	1970-01-20 02:31:18	Name: lp_218032 Value: https://postureinfohub.com/
.postureinfohub.com/	1970-01-20 02:34:09	Name: ezovuuidtime_218032 Value: 1650676588
.postureinfohub.com/	1970-01-20 02:31:18	Name: ezovuuid_218032 Value: 4fb60f9b-1bad-4c1d-635e-3bb6251aaeeb
postureinfohub.com/	1970-01-22 15:50:28	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
postureinfohub.com/	1970-01-22 15:50:28	Name: ezohw Value: w%3D1600%2Ch%3D1200
postureinfohub.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.quantserve.com/	1970-01-20 12:01:30	Name: mc Value: 6263536c-bc211-5cdb7-ee5f5
.postureinfohub.com/	1970-01-20 11:55:45	Name: __qca Value: P0-1291458293-1650676588750
.postureinfohub.com/	1970-01-20 20:02:28	Name: _ga_E15G21MEWF Value: GS1.1.1650676588.1.0.1650676588.0
.postureinfohub.com/	1970-01-20 20:02:28	Name: _ga Value: GA1.2.1728887753.1650676589
.postureinfohub.com/	1970-01-20 02:32:42	Name: _gid Value: GA1.2.184884041.1650676589
.postureinfohub.com/	1970-01-20 02:31:16	Name: _gat_gtag_UA_155296293_1 Value: 1
.postureinfohub.com/	1970-01-20 11:52:52	Name: __gads Value: ID=e38dec53f7156b61:T=1650676588:S=ALNI_MZrffBg8jS5Hq1aQ_Mv1zWn7xFEOA
postureinfohub.com/	1970-01-20 11:16:52	Name: ezux_lpl_218032 Value: 1650676589576\|49477534-195e-4085-7b0b-60f74b918827\|false
.doubleclick.net/	1970-01-20 11:52:52	Name: IDE Value: AHWqTUm1UAl5vCiwEP_GENnGg5mp6L25FiGGP62o_N_kDB54JWaN29aeEStr744DGYs
.postureinfohub.com/	1970-01-20 11:16:52	Name: FCNEC Value: [["AKsRol-h1wfskhXpA0Bf6qf0Typ3FnoIcRNVSgodiqBwxUCtRn4Bn6Q5GCDt3n9L7G4k0wEKjybXbf4z3VjigSR3Mpkiq7b4Rj9tQMcNeBGI2fttl_QHYCIEx9BK725DgznXscf80FMZerJMGHgdlvIGUxOPWet28Q=="],null,[]]
postureinfohub.com/	1969-12-31 23:59:59	Name: ezouspva Value: 1
.blismedia.com/	1970-01-20 11:16:56	Name: b Value: 6263536E527AF66AC2C9442EBLIS
.sniperlog.ru/	1970-01-20 15:28:52	Name: guid Value: C485E798685C3F4
.ads.avads.net/	1970-01-20 12:11:35	Name: av-mid Value: fa687012-43a5-4c29-b277-d23cf4f61d89
.ads.avads.net/	1970-01-20 02:51:26	Name: av-tp-gadx Value: 1
.rutarget.ru/	1970-01-20 06:50:28	Name: userId Value: E-Mlu71elBt2
.tribalfusion.com/	1970-01-20 04:40:52	Name: ANON_ID Value: aans6Ex2eNkSE0U7bdfvgt9qZbpRmOyl1SQIUUbQECOPpQF1of9nZbTs9HAlhjcDjnIws3vmB1UDuq3xlhPTeO
.adsby.bidtheatre.com/	1970-01-20 02:41:21	Name: __kuid Value: 92551d9e-644f-45ef-9da1-e5cc27c31539.419890591
postureinfohub.com/	1970-01-20 03:14:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-20 04:40:52	Name: icu Value: ChgIkfo_EAoYASABKAEw8aaNkwY4AUABSAEQ8aaNkwYYAA..
.adnxs.com/	1970-01-20 04:40:52	Name: uuid2 Value: 1145049849124010694
.a-mo.net/	1970-01-20 11:16:52	Name: amuid2 Value: 325392f6-04f8-420c-ab9f-f242548d81a4
pb-server.ezoic.com/	1970-01-20 04:40:52	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMzI1MzkyZjYtMDRmOC00MjBjLWFiOWYtZjI0MjU0OGQ4MWE0IiwiZXhwaXJlcyI6IjIwMjItMDUtMDdUMDE6MTY6MzMuNzUyNzMxNzk0WiJ9fSwiYmRheSI6IjIwMjItMDQtMjNUMDE6MTY6MzMuNzUyNzI4MjMxWiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.avads.net
adservice.google.com
adservice.google.de
ap.lijit.com
api.fouanalytics.com
bf5ddfc0000d769dd7342eada396c309.safeframe.googlesyndication.com
bid.contextweb.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn-2.postureinfohub.com
cds.connatix.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fundingchoicesmessages.google.com
go.ezodn.com
go.ezoic.net
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-api.omnitagjs.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
match.adsby.bidtheatre.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb-server.ezoic.com
pixel.quantserve.com
postureinfohub.com
prebid.a-mo.net
prebid.smilewanted.com
rules.quantcount.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
sync.go.sonobi.com
sync3.sniperlog.ru
tpc.googlesyndication.com
tr.blismedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ap.lijit.com
cm.g.doubleclick.net
googleads4.g.doubleclick.net
image6.pubmatic.com
postureinfohub.com
s.uuidksinc.net
securepubads.g.doubleclick.net
sync.go.sonobi.com
x.bidswitch.net
104.22.68.131
142.250.186.130
147.75.38.124
151.101.194.137
159.65.196.12
172.217.18.98
18.159.80.129
18.192.242.35
18.218.108.208
185.255.84.150
185.33.220.145
23.35.236.247
2600:9000:2156:3600:2:cb38:840:93a1
2600:9000:2156:5c00:6:44e3:f8c0:93a1
2606:4700:3031::6815:3793
2606:4700:3033::6815:3a2a
2606:4700:4400::ac40:98f5
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a06:98c1:3120::7
31.172.81.160
34.96.105.8
35.205.207.25
74.214.196.131
80.64.106.150
02915719f7242ed13cfa8a7368b77f15295a6472874bff52aff65c0970315df4
02d0e2a1c3fa6ca74e7d804d9e83a2a668bf406c3f9a4074b025778d2d6cf6ca
073d13119d19ef3bed0baa15848269e79ef9448660aab4d8913c782c596d6fd3
080e5601078819b7f6e65224dd51e9bf010e30a22c37ba95281efef78800800b
08f33897d80b04fa8fea8f88fae97f11e39fd640af1591661c81f103868ca46a
0920eba9e0817885e18e9d813525532e77dfafc04943af8a3ea37c813e9501b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be
0d1a1920a63de28b1d2fc86fb4aa6b642fe47c856aedbb286dc48f321681864b
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
125736671ff4b7df323f501227745905212ce08772352db41a9ee2475a8399f5
168ebd89f3a9ffb66f609bdf01034cb2dd90af136676fde9193abb2ac0e517f4
19939ee45ae6d3a60bf3612c0c2b338f9be33a67a65f88ef03ff224af45eff80
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1bf6c652267a140913fbd4ef79e3943f129c5d26dd38fcec8de9664b4180c96d
1cfddb71fe3ddaec9a44e9688d4484499217fce341a8e244ae5128cc7f1d90d7
294d469e73c0d495bf74e979c340d8c18a45d4b2bc8de4a651a495c0e0b3fd90
2b4c726433fe66ef3c033576e87b1ddbb18950d60f72679a58d6f2afe346d329
2b7cd21726525c284e26d898f1bf3fb19cf28256608c1da91ca231463f3a0f3a
2c5d23f0dc92f851fcd7ca54b20b6de36d56a0104ff9681959e781d328e985aa
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
31e46a485be66da172d95fd7d8abf26fa35b65b78748b0c4b0af3108d98a4032
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3a4f8d711adc0905d293a96f06d9a7fcadbe5d642410b835065c7359c9d1751b
3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee
3e3958e7262adb6a91845204a9f4541f99b1e4ff43cc54d24324daf98ba53c26
47cdcd407305ca24a134b0920ed07569ec7c7c417e169ba9df291f0b7f6834d6
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ad64a2b0dfb4643a375069469ef6c8c4f7d65944d94aa7d6f83ec1331d6a011
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cac2b6e631ea1278d68a318d3c4a48d77699bcea2fe5f5422eb09e5b6a7df11
4d30b67217580f6bda6b6c7ad2467d1a28cb5f5aacee799071b8c08c403af3a2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4
52c949d45ad0fa1015d43e96f5012e1c98a0dfba9958625e216b45ba21849209
559539863676ce8b7493956a42958ab940d9b1fe8587e23d56832a56d8369dc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8ecf03f117a4cc9288354285445180a6cd2c1fce370521c4ff0813cb843efd
5c3c4b20f3096c37f00d79fe0c4234f888926728ba3eddd94c8d6395266741f7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
612b2d62aa0a911b94aebf2dec4c6bfad52cc444fc0eeea3fa41832dc1e1df75
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d0470a5034e5ef49d9f25beb651d9a7f52fb14bf7704d0e83a27253b51adf8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca44caa743f976b97e6bbca105b2ba1493a8695d8552738700e00433e24044b
6f059aaed513b7ed93a1d3d01c5231fd32d06c939129fd3ddcc3d2efa57b590b
6f2d4d11b1c4aab7786a7e7b1dfbf038e28f4afa170e99cb6138a131136b7d35
73d8828126ae3435ffef589ef431c970da716ddfd04f6fc3bcdbbf0d1f54b4f0
75722c04583ae0f35608e61329e69348677705838dde9289b4bbda495e6d31b4
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
7a05542d728b360ce8f1e0491d01030c5809ae2f2b8a133c28bd63eaf71a21c8
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c15f7ee042c9838a02bd4c09c4536fdeeab8072137a9b6e64c3d1ecc79d8f88
7c39dbe95379fae8c06c18f8f9c8947ed55f8213fa8695073b2863c4a8ba4e85
7c648ea5194eb437aaa123f7c1aed2a6096cef35dd8c70f0284c16f363ab54ce
7dd5e00e8359ee3c69493eb0693c1fb8756bb0e70fc8ab62a1fd77d5c992c4eb
7fa71b1deeb52fcab7272afae24d64bc9f091c0aee76cbe4b6b94db394cb9f26
847718d1cf7cb93d051b062093829dbfe4428c84e54b114b50d439f283f1b86f
849c7fcd2fb6a7f85ed1dca58cfc0f0de473c79c4a422a1e03de916d05cf8f61
8731237f3331dce1906ec72207570ecdda171bb3ed909d0e644f35fd70916e01
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8f8a9c03e1f92cc5821a36d3ec2a76dbd868f6fc10dac1d9fff3a64f159cf99a
90e717aca5b7ac2b6eb566d3178db0baa199f25dd848fc7c9ac6992d67a281a3
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
97bf5749190f524898f4ba631cf8f8ed7ff90c2a05c02e032ca554b0ae03345f
97fffd10ae09fcb84da570665efdc630991743dc2eb0e1c49d4f4b105bc2d68f
9a5067e4910e34cb5b10f21eabfde32ab7c6e8da1b7d84dc3add4b979b66ebc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffd1008561e9126f578f470969fbe3cb0fec387992b79f1977f4daa0547fdfd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3d9d28eb71a5da47c2e238d6249c1fef88e9429870d25d155ce882deeeb024d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a9a97835a1defab41dd69558db397bb1d5d90a77f75917c9308582caeb88a97e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac0fc2b68d8fd9930ce6e2d781b7e76dd2c2d59cf94b00891c0d3026920487e8
ae24abe473be4c55361dbca393444102cf3aba1b60bf855009f52f4fda2b07f5
b0504286aed51a5def1a80aa288095f148f620184744b3749eed5f34ac310598
b58745444487eb62b6b6f51e9554512fd70002b581320a1651fe669f88dab66f
b600e7a9de4cffca6d4ea20e5b47a23f2762eaa3b6265138c96782426d4fe303
c234c061413c6ed6f6a8db9344d5f47f196ffbb3f5c2a4d4a52e3ef55bd7a125
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c477d2f82c191b86231d1842e95b2bcd837a6384c216b68801ab5c8cfe404387
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9219320c936753eb8d6060058f4bfc967c95cea82f7b929f7483291e91880dc
ca04d26010ca412e51fc3fd8d4912543db0adfc724c18269645cf643629a367b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb89ff207f3df982fda2c609ef71fe7adb48165eb406d482c9210974811d8b8c
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd34e05bb1f519e7ac782586ff5edae2f8f3d5b30b483d63a7a5f42c5188c0b2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14b3c60ddf5ba719cc80defbca97f207fbbefd3c57ca8636b9cb20a5562ffe7
d3eab7425840b3ed6c456fb94bb88cd0c7ce69a908b29c303dcbe89ffb53c836
d41a99cfbb622d566268df5c305b01494dd30c20c75b0ff05aaaf67571d880c5
d92bd906f0bd475afa7747a41c21b11fde8beb27d8c475f5db0335dd1d4f3d30
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0e6b4f944ff475fcb9d920e9a9539d0441b252cb1a3c09895791130f0d7cb6
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e456c05c302391cdfda9f2fbbc85d5bcb083fd1a60e1ed85d4a5e6581420f745
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f12dcfcf6470c60d1f46bc73a50e4561eaf4302d1ebbbf48e7af51f80801e6f6
f27af84a93dad4766e05cd00bef6813b0743dc348c693e5c27554c417f7a6a8e
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

postureinfohub.com Open in urlscan Pro 18.159.80.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

214 Requests

89 %HTTPS

56 %IPv6

36 Domains

51 Subdomains

34 IPs

7 Countries

2681 kBTransfer

7633 kBSize

37 Cookies

2 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

postureinfohub.com Open in urlscan Pro
18.159.80.129 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

89 %
HTTPS

56 %
IPv6

36
Domains

51
Subdomains

34
IPs

7
Countries

2681 kB
Transfer

7633 kB
Size

37
Cookies

214 HTTP transactions
5 data transactions