posthereads.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Submission: On April 15 via manual (April 15th 2022, 12:18:15 pm UTC) from IN — Scanned from DE

Summary HTTP 107 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 18 domains to perform 107 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is posthereads.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2021. Valid for: a year.

This is the only time posthereads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	184.87.212.24 184.87.212.24	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.35.236.122 23.35.236.122	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.92.107.192 104.92.107.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.163.38.109 35.163.38.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
107	26

10 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

posthereads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.107.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-107-192.deploy.static.akamaitechnologies.com

creative.mathads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.38.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-38-109.us-west-2.compute.amazonaws.com

endpoint1.collection.us2.sumologic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 csm.eu.criteo.net — Cisco Umbrella Rank: 7420	876 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	228 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	48 KB
10	posthereads.com posthereads.com	75 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11325 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555	54 KB
5	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 2919 pixel.mathtag.com — Cisco Umbrella Rank: 1233	6 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	145 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1487 m.addthis.com — Cisco Umbrella Rank: 1411	141 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7579	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	sumologic.com endpoint1.collection.us2.sumologic.com — Cisco Umbrella Rank: 10885
1	mathads.com creative.mathads.com — Cisco Umbrella Rank: 11870	143 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	646 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1691	207 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 390	1 KB
1	media.net contextual.media.net — Cisco Umbrella Rank: 527	55 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
107	18

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	posthereads.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
10	posthereads.com	posthereads.com
6	csm.eu.criteo.net	ads.eu.criteo.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net
3	s7.addthis.com	posthereads.com s7.addthis.com
2	pixel.mathtag.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	endpoint1.collection.us2.sumologic.com	googleads.g.doubleclick.net
1	creative.mathads.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	contextual.media.net	posthereads.com
1	www.googletagmanager.com	posthereads.com
107	27

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
www.diigonews.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-21` - `2022-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.mathads.com DigiCert SHA2 Secure Server CA	`2022-02-21` - `2023-02-22`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
endpoint1.collection.us2.sumologic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-05` - `2023-01-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Frame ID: E6404FC9D92B9B02A1E6BA620F987248
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: DE712741894BAA3A5BB8DA2055343FA8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C55F0A822E5DC0E936500AC2EBFBF3AE
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 26C9A37F97C7A1468B85B42457D042B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&adk=1812271804&adf=3025194257&lmt=1650025090&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090304&bpp=3&bdt=402&idt=154&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5678462949565&frm=20&pv=2&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
Frame ID: EC3EB66AC8ED525F96167FE255D1860B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1650025090&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090307&bpp=2&bdt=405&idt=188&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=573&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ONIqrLbc45&p=https%3A//posthereads.com&dtd=195
Frame ID: D5012A6A5220F2F9E0F01293A9D0AF5C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1650025090&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090309&bpp=2&bdt=407&idt=199&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APUOqZw7DH&p=https%3A//posthereads.com&dtd=202
Frame ID: 1F78C3A3C20634CC82376EE012F93E49
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Frame ID: 8914963E8C73057B6EE762A40505611D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234
Frame ID: F3AF27A7108481195B843C530CFAFEE7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=280&slotname=8988879210&adk=4228275942&adf=700804871&pi=t.ma~as.8988879210&w=1003&fwrn=4&fwrnh=100&lmt=1650025090&rafmt=1&psa=0&format=1003x280&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090312&bpp=3&bdt=410&idt=236&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=rRrWEo6Ylf&p=https%3A//posthereads.com&dtd=240
Frame ID: 38C2035449CA310BC8CCC6EE1EA435FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAOzaQKsuCQAALxBWtFgub8KvnfNVaHRQ&u=%7CIupyApwj8KCe8mHLBsq3UNWxJNO5HGFYpiJpznQMkMU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxTfbzESBbVV3dKL6WMxTCC9RuHN_UwHZITZVcFEry2mF6F42pRH0mxrRnJsZbilzwyxyb9ECWbss8tx5xm8060lSLNn74Z74O8C57Gxz4LC56EodqRqXbfX6aIAcbOSYhkl_Fajbd2Fl3vNCDYBi73S-FhlG42WDcTnzD_T3CsVelEO2O6CTwA9ZnW8UgtkkfY8_CZVaXIPVptfqkc-5-WG5q6apYjPqR098qOb5AbUb0oiXPy2W2pq3yxok49nVCrQeOzb-N8s3nGay4ScxN21AO1cHe7yY_eQDR1gTOwA_1gf1L1j4svSkihB66UUhRh8pMTCi-xWywxxItcYLl5ewD30Jrb2yXdoF3RR2HrZQPmxLFbrqCx1gbSTrXLmGX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxRi0gGJZYqSbO5DBywWF4ouIBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSGAk_Q_MLB4cpMsCCkGR_lhrk-Y4fnidwlIC-pQ9LKHPNGmOybulUYBOeNNRiU5Lgi39cVX-WW9gYRfTaJuwv2npSS_bmpf166y_d5wsxvWLT-rOP624C9us5HP_bynV_xSLccrISrYMyuro34AUxXz44_lwAV5usnOFja4h6c3BRQblsMMoubHTCg3I_Of4NnGa9wKdvBgX54JQdofSVwBBmYIpwoXPY5InQIcx_a43Icl13dQnivNFdbWgOIxg4g_fTC3c3oizn7KfTERdoDMZcgad2V9kTrsxkY-oRVNDTI5XM1JjyERmU2bDMyhfu1txMDcPoXEugiakiDMuWTYX1bP7I6iwaABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3PPAsH_NNqTolh6gyL69kEdjv4VQ%26client%3Dca-pub-5950405679604215%26adurl%3D
Frame ID: A960E97DCFDC54A9C6B87F11D1C497E7
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAPBR0KsqWUAAmfz2WU6P1ZCb2tY8YDxg&u=%7CIupyApwj8KC9yLtKIvLr2YnPEEwcZj8YyAliuTgGIS4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWlYECc58TSh5mSyPXcrKHbb7I_1e551O5aN88wJuIOBCXzftfeFtUrQuoS41cm2qBVtyM0dqXm0YyKMPjDAgQ2YT_vOHgNIR3YPjh0nIdtDi6J7jNmybO5g8-m9Hm8O7JdEq8UxLwvgxRF3PeLc8CAVPxyp5akdm1Xp8ekSLKCNlusck8KfLsNQTRzin4eCqPaz03hc-a_vNji3r56OtuFTaONEkwwPk4APEp3idRkOxsA_MiVI7AekxceoX3oNo0mrKvRWEUWM3iBU0KcGjjNxrwD8wBMeZAprzibt1mu2YJbKwW9mRzc958cHyiXpQRqYfu1MHQOFz2cRduBHGqW1UWm4uLPigSaxQXuuTnxfVTPGa_aFMUzHQt6qyQ8xPd6_eQyAXlhxtYgBRLHGpSX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5SwgGJZYp2KPJTLygXPv6aoDMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSHAk_QCeMx-sJNFH74SXNFGfPPPb-q9b6skDAvWE9at47YbdZjoT17teghJTAGtGsVFYsq2mO7M2nP04WbmuzTev9hMBuaasTgS8VJWVxEutxa8np8y4WOVyMDqCgLWzLuVqlDnL7eNPRBwK2VQAFTH25SYLuebCVdtst4JH0v_QEH-bRstkdILKbjH9KVMGbGLZKsckgTMZrefUTTHRFYNj7DLWE_8z8vEvZq_gi2s4mhmlFMoxLuXHiuB98nnIvqRd6o7eAsOeLjcwu_F6I78ISDH5ZE5iD9mFBhQ9Ow8Swp3d_FCaoKB5160ESTT_UDqExVlaw0VOqv9VFK8qmcQ4_nRtpNrb3kgAau35mgs_aK3fgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07JMnPm7hQ_GeJ2q7kg4mqwhrCjQ%26client%3Dca-pub-5950405679604215%26adurl%3D
Frame ID: B26DF9FBC78FF986FFAA1D27A5DC52B6
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligQAANJcKsspbAAF7S0u0TKZx4msytjPwTA&u=%7CIupyApwj8KApmAIy87WXegU1stpd9oCgF3WugFCTLg8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxS-6G21LPd9GU7rlMtM1cSXA7F30WHmlpVgaKHcOoRJZ00Xje4GDBjFvjewP8D0FD8gbOaPSC1f2keswbgSmgnQnoCs-d_XltQa1BuQOlSItLqBjZ437AOuPSK5vJmD2ZMhQaaMrV3qkGwE_l0dyF1eGnpFZusXQuJG6pxu2a-AfFgjL0EkLnQk2lCfyB6qHOueEBDj_7HAAOILaUOgGaN06g6_zcBEg-cju-Jx-Tr8WF2Z995L93Fi1IbGJynH-yDPX9wCICiyUVsENY7Xddo_zmZczFI6aBti9B209UFNvb-uqreNg1ezjAHt6a913TUbxV18G_QeN-Rs6SCRZ7VvLoLDubv8hL1QxtLUhbDqaMzWa_D_2mx8ZDZahy8R4TUARueVDFiVU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdwcgWJZYpdp25TLBcv2hYANyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTUwNDA1Njc5NjA0MjE1oAHVttLqA8gBCakC2pWIbbkmsj6oAwGqBIcCT9DPP-gzy2BsecDsWxjo6Dzf4-_ttj9cLB1Wlw6gSvPve6ckzzAwQlm-AE5OQl6agiRa2Y2K-DwCKlb8RbYCGYb31muSeD0P-abLuKSAbZD3j8b5kxIskAOm8rSIY74uMzSulDBVSiK16ja1c6-U0BZbF3CtRoLrJQTkUL3HsIexJs91pPfjjXL6Bm1IHBuIAFIpUlTSx0aU_P6A_oUMxrm8spY5KYyvceowfskNoO-7fdrUYTLWWw7xP98eydRPlji12JYmAIRjsNVkP8g04crqLe3iU-G1S-kEsTK-zGsFUESRktdHmsPirARSkoh8qjsagTnrbAtu3c8leshGfrRx0OgFVMeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eOU_BYihleWWT5D_X6vzG4GCrLg%26client%3Dca-pub-5950405679604215%26adurl%3D
Frame ID: 3BD2FDAC9436D3B216C9DA676BC0D45E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97A20B92AA907F9B007544F527692C5A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27D37D3D0D95DF49FE5F5CA2D42E9D19
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alaska Airlines Baggage Policy +1 844 460 3598 - Brentwood, USA - Post Free Ads | Place Online Ads

Detected technologies

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

99 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

26
IPs

6
Countries

1834 kB
Transfer

3247 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/bookmark.php?v=20
Title: Share

Search URL Search Domain Scan URL

URL: https://www.diigonews.com/alaska-airlines-baggage-policy/
Title: Alaska Airlines Baggage policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

107 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html Show response
posthereads.com/395/posts/7-Tickets/63-Travel/ 16 KB
5 KB 333ms
112ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.29
Resource Hash: 190a891aee6ff9d2d3c8ec5cd03145bca740323dc91ea244068c146d1b5bc8cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 6fc49f4168740e12-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Apr 2022 12:18:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s50Hj44I9muCbLZCKUulE0pOX4%2B4gIPbd2Y9CmILAvOeXsxGJgvkdCjAm4DV63f0LOFbM2RKdlwbPOAgxFV18n6yUDkCd9cfm7JDdAh0n%2Bj7MgUs8%2FBekvVkAinBxd%2FZB6S1yIZxyRwn1ffEFAw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.29

GET
H2 200 style.css
posthereads.com/ 11 KB
3 KB 29ms
27ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/style.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd2b852c67a7514c6b4478b921311b8758d5c86a1b149218c6ab9a3b0a4c078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:27:40 GMT
server: cloudflare
age: 4569
etag: W/"2b47-5ceb2f307e359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlf%2FcbyW0p2tWmvmO%2BYrzgc5Ip0NXkwjnM8Yr84Q9G0PsvYhbP%2BKy%2BW2LMvX9%2BGwfXVECdwHYVVOWDH1gtGwTQhm%2Bwkl1o1k2Cd9e%2FSEB9VDE9UZ1dbcudfvwzTqp7R5WP0dTfR3zT3HQxtN2DE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc49f425a4f0e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pager.css
posthereads.com/ 965 B
594 B 33ms
32ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/pager.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 4569
etag: W/"3c5-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxI65guI%2Fpy4F%2F4bvRYaQl1IicuPVq1CYT%2Bq2vI8SCrVA9eLjg73c4CgufUmcz1UsJTQDdXnBTrQjSDKUSB%2FAozusNLyuaddOXD%2BZQIcrfS3HbyppFCDUgpVrNNVrEPpqEFx6G85RRHUHHZdy24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc49f425a520e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cal.css
posthereads.com/ 474 B
563 B 27ms
26ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/cal.css
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
age: 4569
etag: W/"1da-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR9LzoWQ%2BNvPnR%2FzXp8%2F8b3HRYVvL1c4nmXY3BIP0rDNTBu3ZTA9t5tr2RuuNW6fa6%2B1rbOtunX5uXQoLv4fpyVVZ1F7UI1OPJcqdx9HdgckELzAyuYykLf%2ByDmN8ZtLQPTh95%2ByE8e8fGFgrDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc49f425a530e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 213ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164528275-2

Requested by

Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81474d629ff38713700880af4700fb90d0a67eaed337b90667012564240c7487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38612
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Apr 2022 12:18:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 239ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b198da136a2b24d4b9a62a7399267ccdf74ec14c30e95b5c049e06c98d7f05e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54363
x-xss-protection: 0
server: cafe
etag: 14521970739809990416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 12:18:08 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 163 KB
55 KB 250ms
58ms Script
text/javascript 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUQEK9ET

Requested by

Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8508a067cc41ee28dfd3b405253ac46898bf281bf378b4e282c9fc721b9386d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-mnt-h: 10-3
content-encoding: gzip
server: Apache
etag: "40cdb63331cd84cf31fec3a493f7a9a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Fri, 15 Apr 2022 12:18:08 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-10
expires: Fri, 15 Apr 2022 12:23:08 GMT

GET
H3 200 logo.gif
posthereads.com/images/ 5 KB
5 KB 82ms
81ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/images/logo.gif
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91cbbd4894616f50d26f8cb6ecfd64afb7306c07724221ec6c576d17b60ff615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
cf-cache-status: MISS
last-modified: Fri, 12 Jun 2020 16:13:24 GMT
server: cloudflare
etag: "120d-5a7e55b4f346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdsVqbMNedp%2F3ASs%2BrSv17FHvO35iexPfheoh3QnO3QcRU5flNbgdHcBbX4aaztGcD8pF87u%2Fpxb8zI6YKupjKOobPn9hgYKZSYxxLgTqwPAZowNnee3sbVgnUuRov3YOhTPc5jfMuCV1pTtPdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=7257600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fc49f42993773d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4621

GET
H3 200 spacer.gif
posthereads.com/images/ 43 B
599 B 88ms
87ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/images/spacer.gif
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Oct 2019 23:03:16 GMT
server: cloudflare
etag: "2b-594aa85eff500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6HiZQnIWhjfNVyQ2OIRX7DpvZUBbmUIu2zHJlZzkzFVVU1JghkrshcmvY4Bj2VsR0QY4X0CjsLI7iqyR8lAlAhZt5kN13v7PlJi1xm4vy2L%2FE168tmgCI%2BforwtG1xSk4ZLbvvGjKWR%2FpqaIG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=7257600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fc49f42993973d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 sm-plus.gif
s7.addthis.com/static/btn/ 79 B
294 B 238ms
46ms Image
image/gif 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7.addthis.com/static/btn/sm-plus.gif

Requested by

Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-4f"
content-type: image/gif
cache-control: public, max-age=86313600
date: Fri, 15 Apr 2022 12:18:08 GMT
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 79

GET
H3 200 62580386a1fc4bc335ee4375b.jpg
posthereads.com/adpics/ 23 KB
24 KB 114ms
113ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/adpics/62580386a1fc4bc335ee4375b.jpg
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0556b60fe6e263a7215f86c07aef35947054e5a317a2386d28d223fc3560530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Apr 2022 11:20:38 GMT
server: cloudflare
etag: "5cd4-5dc9b7bce7189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFbxUSyX4vW4%2BtNHfkv%2BXCEGL7ahd6lCgLGTvnZuNnXhpLiP1pVCeGMkAo%2BMYmcvpidkjUIGwe%2F%2FGHurRwEOznjbuT%2BlMPfbpnjXS6K6pzH1hkGGTzPztHLfKbSBRQXOc8O7dnktFTZMPsLHjV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=7257600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fc49f42993b73d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23764

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/200/ 353 KB
114 KB 214ms
16ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/200/addthis_widget.js

Requested by

Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 15 Apr 2022 12:18:08 GMT
x-host: s7.addthis.com
content-length: 116393

GET
H3 200 captcha.image.php
posthereads.com/ 302 B
1003 B 101ms
100ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posthereads.com/captcha.image.php?839
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.29
Resource Hash: 8c28d41a0b87fc627ba9526dbdc4e997178cbcf675ef1957135cd3aa1438e53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqfkkyd3U3%2FoLKKaq3hJYiO%2FKc9QnxT0E3N%2BA6kAKgGMhH7n21GLeOT%2BRTLaop5PNVVQHl9t09Hbr0NvQQdNpSQJu3dC%2BuuOeV7Sj%2BVzXDVa%2FKb0NWbczwUziExjmLukSrDcXFW24lzrLyeMs5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
cf-ray: 6fc49f42993d73d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.min.js Show response
posthereads.com/external/client/jquery/ 94 KB
34 KB 150ms
149ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/external/client/jquery/jquery.min.js
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Oct 2019 23:03:16 GMT
server: cloudflare
etag: W/"176bb-594aa85eff500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F5XcYkuhIJ%2BpcFQMLpA0kCmHy9yx4zOO4YJmDkJzO3EMo25NiRtaC39I%2BI%2FyZLOGeuVYR2N8N2cbfGx5i68OTO9EqQ79wRzIptPu5fNh2uHY24MJFQ%2BqWKqWRBR1rB8WR0jpEsKPa6%2FxfE1IJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc49f42992b73d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adapter.js Show response
posthereads.com/themes/xz-adapter/scripts/ 2 KB
1 KB 92ms
91ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://posthereads.com/themes/xz-adapter/scripts/adapter.js
Requested by: Host: posthereads.com
URL: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dd4280a00a3000e33dc1e666a01ac230c6eee57900dd38601a7163de3ab37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/395/posts/7-Tickets/63-Travel/1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Oct 2019 23:03:18 GMT
server: cloudflare
etag: W/"9ef-594aa860e7980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy6xwtF1dna771%2BuaiMZD4zvv8ze4Ll1mUXwVEA0tjVF2sZuYEGCaXQfBKe9JfaOdOJ5ofvXvyiWOYVXnJdPQ6GK1nkxecO7T6kumUjueHbxzfZRL1ILHMP1fjgvk7qMObhpfNBSW3ZYxskP1jM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc49f42993173d3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164528275-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 57
date: Fri, 15 Apr 2022 12:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Apr 2022 14:17:11 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 59ms
26ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29365
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204110101/ 303 KB
108 KB 50ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5950405679604215&plah=posthereads.com&bust=31067064

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731ed94e90189b62da3e5cab10ff3e74cb2600fdbe739c00b8e47dce884ca0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110742
x-xss-protection: 0
server: cafe
etag: 3909468757968645355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 12:18:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame DE71 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 21:31:59 GMT
etag: 14837630671339829333
expires: Thu, 28 Apr 2022 21:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=303782050&t=pageview&_s=1&dl=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&ul=en-us&de=UTF-8&dt=Alaska%20Airlines%20Baggage%20Policy%20%2B1%20844%20460%203598%20-%20Brentwood%2C%20USA%20-%20Post%20Free%20Ads%20%7C%20Place%20Online%20Ads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1819312425&gjid=1272986730&cid=646327275.1650025090&tid=UA-164528275-2&_gid=1684305600.1650025090&_r=1&gtm=2ou4d0&z=450411671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://posthereads.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://posthereads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/4a1806ae49a62752/ 27 B
207 B 70ms
68ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/4a1806ae49a62752/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=16, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 181ms
181ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62596282c8f345e7&bkl=0&bl=1&pdt=368&sid=62596282c8f345e7&pub=4a1806ae49a62752&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=posthereads.com&fp=395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Post%20Free%20Ads%20Here%2COnline%2Cclassifieds%2Cposts%2Cads%2Cevents%2Cimages%2Cbuy%2Csell%2Ctrade%2Creal%20estate%2Capartments%2Cpersonals%2Ccommunity%20classifieds%2Cxzero%20classifieds%2Ccommunity%20classifieds%2Ccommunity%2Csociety&colc=1650025090415&jsl=1&uvs=62596282bc3cee8c000&skipb=1&callback=addthis.cbs.jsonp__55133551504446880
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0888fcfb96eff1ee2234b38e769e40c8dca5d4a0687bcfefcdfcbcff870ff84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:09 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C55F 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 26C9 71 KB
26 KB 43ms
43ms Document
text/html 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/200/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 15 Apr 2022 12:18:08 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-164528275-2&cid=646327275.1650025090&jid=1819312425&gjid=1272986730&_gid=1684305600.1650025090&_u=YEBAAUAAAAAAAC~&z=469422713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://posthereads.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Apr 2022 12:18:08 GMT
content-type: text/plain
access-control-allow-origin: https://posthereads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 65ms
14ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=posthereads.com&callback=_gfp_s_&client=ca-pub-5950405679604215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5950405679604215&plah=posthereads.com&bust=31067064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6703627cd92e90e4b0894800d0c61091d02555fe97f262df06f848f2744ee25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=posthereads.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=posthereads.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 12:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC3E 9 KB
4 KB 170ms
155ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&adk=1812271804&adf=3025194257&lmt=1650025090&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090304&bpp=3&bdt=402&idt=154&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5678462949565&frm=20&pv=2&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fbfe70e8294d43297c811344e8e3de570d4cb32b9b5f551b33b450bf097fe19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4007
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D501 22 KB
9 KB 209ms
209ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1650025090&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090307&bpp=2&bdt=405&idt=188&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=573&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ONIqrLbc45&p=https%3A//posthereads.com&dtd=195

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aabda7a5e03a52ed97bb7eef6cb1dbd2eef845661300939a2ea352eb4be6510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F78 23 KB
10 KB 209ms
208ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1650025090&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090309&bpp=2&bdt=407&idt=199&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APUOqZw7DH&p=https%3A//posthereads.com&dtd=202

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83eb40809c99952b0c3cf9c31a3f4ddeadb4e0147948ed3a25d6cb82b7a83339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9769
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8914 24 KB
10 KB 184ms
184ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a85bc2c67ff78e33fe0ec5b95451ad2262c9a0dc6a46e1f5439564c2f0e5f946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F3AF 23 KB
10 KB 269ms
269ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

130a5fa56f0a924d6591fa0fd6ff4ec5d7fa3bdb50c78d930fa2c8d18a1b18a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=posthereads.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=posthereads.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38C2 436 B
236 B 456ms
456ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=280&slotname=8988879210&adk=4228275942&adf=700804871&pi=t.ma~as.8988879210&w=1003&fwrn=4&fwrnh=100&lmt=1650025090&rafmt=1&psa=0&format=1003x280&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090312&bpp=3&bdt=410&idt=236&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=306&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=rRrWEo6Ylf&p=https%3A//posthereads.com&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e308bd100f78d849e073c50ebfee188753e68461b1871a3abdcd08c2c2e8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:09 GMT
expires: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame D501 3 KB
1 KB 74ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1650025090&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090307&bpp=2&bdt=405&idt=188&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=573&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ONIqrLbc45&p=https%3A//posthereads.com&dtd=195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:02:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame D501 15 KB
6 KB 68ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 11:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 11:51:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D501 119 KB
37 KB 89ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8914 10 KB
4 KB 1344ms
553ms Script
application/x-javascript 103.229.205.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpCa1pXTXhNV0l0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODI3Nzg0Mjg2MjYzNzkxODkvMTAxNDQzMzkvOTU4NzU1OC80L0dyQjZQcjB3VU5JTk50VW5JNVdja05QZkphU3NGV0x1VnBYYTR1RVhESzAvMS80LzAvMC8xNjk5NTI5LzAvMjQ3NzIzLzEwMTY2NjEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMS84NTgyNzc4NDI4NjI2Mzc5MTg5L2Ftcy8wLzk5MDAvMzAvNTEvMjU4LzIwMDE6YWM4OjIwOjovMC4wMDAvMTY1MDAyNTA4OS8xNjUwMDM3Njg5LzQvcHViLTU5NTA0MDU2Nzk2MDQyMTUv/-AEEBjNSYaVRYGXHDd5Js7xO6WY&nodeid=329&group=cdg&auctionid=8582778428626379189&shardkey=8582778428626379189&sid=9587558&cid=10144339&bp=a_ajdefi&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.180&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCToM4gWJZYp02u5TF3A_TqI7QD8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NTA0MDU2Nzk2MDQyMTXIAQmoAwGqBIcCT9D7w80GVLSZX4lXlHyCSgnn5hYC-ri7l-bKi3XoJX4YWPCYZbO2uWukBh21BZF6Fb6w5eOEEhNEKqItScFzFudcO0DAmrTbJGCL1lwYjVPO526prd-ZE8MAFKByhssrXho3tZ5NwrandSds2Ibv6nMrmXgVkih5gnTC8fETe8bsD_RW0JqScQ8fj9h1WQspR_yONPSoMANqj3SAwlsFCBBc-ZDGME1kBCzRXNHUuZMdJMX0HAnHaw2-jM1JywCDvdiphuyW6bT93PPWs_y8cE8aHfHhIj9jK-U6iwxNLSBsfNhzIrcA60OkPkP16FI07cJ5gTWLieCtTEkV1z5TLPiiNd4yUBqABp-EwYXxtYD37wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Ud5y31o1OUj3URXM_LheNQacVXQ%26client%3Dca-pub-5950405679604215%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.308.0 /
Resource Hash: 8631a5ceb37e514859108c0bd129fbe05a68a8e9b74141387e7a02cbec53e595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:10 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1650025089
Last-Modified: Fri, 15 Apr 2022 12:18:09 GMT
Server: MMBD/3.308.0
x-mm-latency: 300 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: nrt-router-x15, cdg-bidder-x39
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8914 3 KB
1 KB 59ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:12:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8914 119 KB
36 KB 96ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8914 15 KB
7 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:05:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 1F78 3 KB
1 KB 58ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1650025090&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090309&bpp=2&bdt=407&idt=199&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APUOqZw7DH&p=https%3A//posthereads.com&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:12:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 1F78 15 KB
6 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:05:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F78 119 KB
36 KB 87ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D501 0
0 55ms
53ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVTDOgGJZYqSbO5DBywWF4ouIBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSDAk_Q_MLB4cpMsCCkGR_lhrk-Y4fnidwlIC-pQ9LKHPNGmOybulUYBOeNNRiU5Lgi39cVX-WW9gYRfTaJuwv2npSS_bmpf166y_d5wsxvWLT-rOP624C9us5HP_bynV_xSLccrISrYMyuro34AUxXz44_lwAV5usnOFja4h6c3BRQblsMMoubHTCg3I_Of4NnGa9wKdvBgX54JQdofSVwBBmYIpwoXPY5InQIcx_a43Icl13dQnivNFdbWgOIxg4g_fTC3c3oizn7KfTERdoDMZcgad2V9kTrsxkY-oRVdjbpd_S6ui872nGVvA6UffKhvaUJXuKVpiAfzLo8LMmL5NffLA2ABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTUwNDA1Njc5NjA0MjE1GAA&sigh=XL2A5XTzldI&uach_m=[UACH]&cid=CAQSGwCNIrLMQgblShvyADgMrduD63OSPhfA64UDthgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=90&slotname=4646811195&adk=64169237&adf=224413005&pi=t.ma~as.4646811195&w=728&lmt=1650025090&psa=0&format=728x90&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090307&bpp=2&bdt=405&idt=188&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=573&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ONIqrLbc45&p=https%3A//posthereads.com&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D501 0
0 68ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEt6BMNgFWp2DYgICAAAAVnMQGBoVDinR3BaTEIFiWWIKjQcuF-HG0Wwt7QAS&wp=YlligAAOzaQKsuCQAALxBWtFgub8KvnfNVaHRQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 326665
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A960 48 KB
19 KB 75ms
28ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAOzaQKsuCQAALxBWtFgub8KvnfNVaHRQ&u=%7CIupyApwj8KCe8mHLBsq3UNWxJNO5HGFYpiJpznQMkMU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxTfbzESBbVV3dKL6WMxTCC9RuHN_UwHZITZVcFEry2mF6F42pRH0mxrRnJsZbilzwyxyb9ECWbss8tx5xm8060lSLNn74Z74O8C57Gxz4LC56EodqRqXbfX6aIAcbOSYhkl_Fajbd2Fl3vNCDYBi73S-FhlG42WDcTnzD_T3CsVelEO2O6CTwA9ZnW8UgtkkfY8_CZVaXIPVptfqkc-5-WG5q6apYjPqR098qOb5AbUb0oiXPy2W2pq3yxok49nVCrQeOzb-N8s3nGay4ScxN21AO1cHe7yY_eQDR1gTOwA_1gf1L1j4svSkihB66UUhRh8pMTCi-xWywxxItcYLl5ewD30Jrb2yXdoF3RR2HrZQPmxLFbrqCx1gbSTrXLmGX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxRi0gGJZYqSbO5DBywWF4ouIBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSGAk_Q_MLB4cpMsCCkGR_lhrk-Y4fnidwlIC-pQ9LKHPNGmOybulUYBOeNNRiU5Lgi39cVX-WW9gYRfTaJuwv2npSS_bmpf166y_d5wsxvWLT-rOP624C9us5HP_bynV_xSLccrISrYMyuro34AUxXz44_lwAV5usnOFja4h6c3BRQblsMMoubHTCg3I_Of4NnGa9wKdvBgX54JQdofSVwBBmYIpwoXPY5InQIcx_a43Icl13dQnivNFdbWgOIxg4g_fTC3c3oizn7KfTERdoDMZcgad2V9kTrsxkY-oRVNDTI5XM1JjyERmU2bDMyhfu1txMDcPoXEugiakiDMuWTYX1bP7I6iwaABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3PPAsH_NNqTolh6gyL69kEdjv4VQ%26client%3Dca-pub-5950405679604215%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9cb409cc0a4baba7b7ddcf3c7a2bd175c4593267ebe783bb2f98d143e80bf09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Tuyv8tGmttUUtOjbn6ilwOQ01s974y6GsJPIE6lIeYIdioQUhfDdhc83cH_hhtlZ7kh_-dsEt4k6yNkhKVwIDQR1qh89Bww3Gy6upj_VuYOJbktV8n_FqTARO5htJxg0mSd7uQika2p83lmnk6YsrYd1kIUbp0pZkI68_u2y_hxabDVnDoRK6PiGxueOQxYQO73_gkvsRrzI4yu8CWyhSBIR_uNQOi0i2HkQROK1_Bc0meIYLWnDNuBMXz5piARHheO6S-Pn1R06Z_4o"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 5706547
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8914 0
0 59ms
51ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGTyogWJZYp02u5TF3A_TqI7QD8-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NTA0MDU2Nzk2MDQyMTXIAQmoAwGqBIQCT9D7w80GVLSZX4lXlHyCSgnn5hYC-ri7l-bKi3XoJX4YWPCYZbO2uWukBh21BZF6Fb6w5eOEEhNEKqItScFzFudcO0DAmrTbJGCL1lwYjVPO526prd-ZE8MAFKByhssrXho3tZ5NwrandSds2Ibv6nMrmXgVkih5gnTC8fETe8bsD_RW0JqScQ8fj9h1WQspR_yONPSoMANqj3SAwlsFCBBc-ZDGME1kBCzRXNHUuZMdJMX0HAnHaw2-jM1JywCDvdiphuyW6bT93PPWs_y8cE8aHfHhIj9jK-U6iwxNbyJN7nTPhrCNTwsP5gNaGE8g535zry1qNCDt47O0yRJLgmEeMlOABp-EwYXxtYD37wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTUwNDA1Njc5NjA0MjE1GAA&sigh=fxeK1C-yq6Y&uach_m=[UACH]&cid=CAQSGwCNIrLMDWDp7PY2fcb7R6Atqm9vIoUp7ExKvBgB&tpd=AGWhJmuqytywijN69KKSF1l_KnC_XtgD6RDzzu8jnKH14VJZRM1JPCIEj6Eo4L4enICJT1fYwpBvUbyTqTs6zAlbW1BAnPPSpAGhF4uMdjTvWRfWEcYqq3ghwvngYKwYPlKfTs3Oa5bjpgR97nigPBqZeMIMWZBRhFtycYggKnRwzrSnQASdkfw4HejtSx0H0H_FqLcWSAaf5YbNuIHgVM_wZo2Z4exOdBtl3Spe0b3rHmG9VnSAG58a-DLAhq94KeDOpXqqEnO7lKZjR9LKjRNoUxATR_j1ZTw6i670EXba3D5T0H0TFuxyj_byGVJJZ0Smo6YrBPPxYM1WYbIZ5PBJduT8Lu--kigzYWZpM5krCM6w5PUsVvW9IWqa28sksd_AJeoT8_7J0lQnws78dq3wcSI8iTBjAbPGnIcdbXHolEDH4dRx8bfvDUSRxSohOgb4Jpbr6fYR_soH3UVxaxNxtcZSEiLvjBeFABAWY0tNvaCNewpFjZuMQsfsX-1gbXorRPJmVD8q1ONYnrAEREwGVTDAFuG9o56Pcwmgf6jp2SPHOvADNRxhwVVNP1RX2vigHGag8IDM-oIbYpiaMvU5qhjd1XJy8rzhOfIaLUkrJ6mp8577ZK1AEsLvmUtmWAVb10mVK6yqaJDrYRhguBR_M_LxcFFG6qKGPfOUXVZUnCLgG-d4My7FWD0MTBLmN633UeUemhVscyO4VW3MA50m9EwHq8hUYVxXdBy9mtdyHEl45GzRoKKnIjhKPdQp3AGCb0At2xG51tDYHwHo9I3rRw1zp8WiQKRGsw9149fHGM1Hbqfu7Wwolp4Pneezbk9IO09UURVe7wMEzB16dsviWenXUwZxB9DzZtbHWMUdZGOuGVimIr1HpZ-A5EMeLPh7UFVF01dApT_x8h00JmWjF7nKexVO5JdkfRIPvd82GLi1UlhNTH7JVn-wZP3-zXgzTpXhV3SNYfaT8lz7cIpCVq9L9xAJBCmR93iMQqCi-SjTFnh4znYbqWD8t-lqcGgy1khI4altC0Fwi3wfytzglrbn4ZMVaJcORA3jwR9OGI7FnC5Ktfrnii7sF6WWBnYxlvpHVwYYeA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F78 0
0 64ms
52ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWq8sgGJZYp2KPJTLygXPv6aoDMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSEAk_QCeMx-sJNFH74SXNFGfPPPb-q9b6skDAvWE9at47YbdZjoT17teghJTAGtGsVFYsq2mO7M2nP04WbmuzTev9hMBuaasTgS8VJWVxEutxa8np8y4WOVyMDqCgLWzLuVqlDnL7eNPRBwK2VQAFTH25SYLuebCVdtst4JH0v_QEH-bRstkdILKbjH9KVMGbGLZKsckgTMZrefUTTHRFYNj7DLWE_8z8vEvZq_gi2s4mhmlFMoxLuXHiuB98nnIvqRd6o7eAsOeLjcwu_F6I78ISDH5ZE5iD9mFBhQ9Ow8W4r_E1ChjYZuAFuc5Su6Q0KvEbjn4Is1l5nyPe4TbewWwpNwsnygAau35mgs_aK3fgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk1MDQwNTY3OTYwNDIxNRgA&sigh=gpArHQTqr0U&uach_m=[UACH]&cid=CAQSGwCNIrLMv-UAEV9XBjKv2zBWW5invxDzzMpqPxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=600&slotname=9200956269&adk=2856261430&adf=3433535837&pi=t.ma~as.9200956269&w=160&lmt=1650025090&psa=0&format=160x600&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090309&bpp=2&bdt=407&idt=199&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=297&ady=302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=APUOqZw7DH&p=https%3A//posthereads.com&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 1F78 0
0 78ms
17ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEtyBMKAB2ASdg2ICAgAAAKZ64tug62iX0dwWkxCAYlliBTNUL0teJeIoMVYAEg&wp=YlligAAPBR0KsqWUAAmfz2WU6P1ZCb2tY8YDxg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 218413
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B26D 44 KB
17 KB 59ms
41ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAPBR0KsqWUAAmfz2WU6P1ZCb2tY8YDxg&u=%7CIupyApwj8KC9yLtKIvLr2YnPEEwcZj8YyAliuTgGIS4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWlYECc58TSh5mSyPXcrKHbb7I_1e551O5aN88wJuIOBCXzftfeFtUrQuoS41cm2qBVtyM0dqXm0YyKMPjDAgQ2YT_vOHgNIR3YPjh0nIdtDi6J7jNmybO5g8-m9Hm8O7JdEq8UxLwvgxRF3PeLc8CAVPxyp5akdm1Xp8ekSLKCNlusck8KfLsNQTRzin4eCqPaz03hc-a_vNji3r56OtuFTaONEkwwPk4APEp3idRkOxsA_MiVI7AekxceoX3oNo0mrKvRWEUWM3iBU0KcGjjNxrwD8wBMeZAprzibt1mu2YJbKwW9mRzc958cHyiXpQRqYfu1MHQOFz2cRduBHGqW1UWm4uLPigSaxQXuuTnxfVTPGa_aFMUzHQt6qyQ8xPd6_eQyAXlhxtYgBRLHGpSX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5SwgGJZYp2KPJTLygXPv6aoDMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSHAk_QCeMx-sJNFH74SXNFGfPPPb-q9b6skDAvWE9at47YbdZjoT17teghJTAGtGsVFYsq2mO7M2nP04WbmuzTev9hMBuaasTgS8VJWVxEutxa8np8y4WOVyMDqCgLWzLuVqlDnL7eNPRBwK2VQAFTH25SYLuebCVdtst4JH0v_QEH-bRstkdILKbjH9KVMGbGLZKsckgTMZrefUTTHRFYNj7DLWE_8z8vEvZq_gi2s4mhmlFMoxLuXHiuB98nnIvqRd6o7eAsOeLjcwu_F6I78ISDH5ZE5iD9mFBhQ9Ow8Swp3d_FCaoKB5160ESTT_UDqExVlaw0VOqv9VFK8qmcQ4_nRtpNrb3kgAau35mgs_aK3fgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07JMnPm7hQ_GeJ2q7kg4mqwhrCjQ%26client%3Dca-pub-5950405679604215%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1656d0e986200d7a28676d8e6541b4569ade3865d44ed85ebef0756888988371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n8yhJNGmttUUtOjb1ymG9pHqOB22X8gvLDgPfgjD8K2gWE7Df0dl04OBkHx7ioPzX58A0zRdovBE_P3tO_PW2DrX6nI0MHgGc0fJyHoCcq0NeeyqC894k1hOIIBhmc-KEfnNDea4qlQ1jOddfqwAqaZ1nz6OeXeYitxnMKdSscrWnh4uS9KHWsb6CRrLsbE1E__5vW1Rww4mDMvFV7h7vnAoMXmNS8ztWtdMETuQwberYujC5Lu8YqX7cHPpKBWIoODurg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 6499649
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F3AF 3 KB
1 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:12:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3AF 119 KB
36 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F3AF 15 KB
6 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:14:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F3AF 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuJtugWJZYpdp25TLBcv2hYANyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTUwNDA1Njc5NjA0MjE1oAHVttLqA8gBCakC2pWIbbkmsj6oAwGqBIQCT9DPP-gzy2BsecDsWxjo6Dzf4-_ttj9cLB1Wlw6gSvPve6ckzzAwQlm-AE5OQl6agiRa2Y2K-DwCKlb8RbYCGYb31muSeD0P-abLuKSAbZD3j8b5kxIskAOm8rSIY74uMzSulDBVSiK16ja1c6-U0BZbF3CtRoLrJQTkUL3HsIexJs91pPfjjXL6Bm1IHBuIAFIpUlTSx0aU_P6A_oUMxrm8spY5KYyvceowfskNoO-7fdrUYTLWWw7xP98eydRPlji12JYmAIRjsNVkP8g04crqLe3iU-G1S-kEsTK-jmkkwsMeDsT4BtdBfDn0aoFooI0QryFp2MNTez2aZORe-x71w1eABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTUwNDA1Njc5NjA0MjE1GAA&sigh=aNyfu_5bjVQ&uach_m=[UACH]&cid=CAQSGwCNIrLMcv2Vtv-2zUrOL7Z8ekKH9m9WVVBLThgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 15 Apr 2022 12:18:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F3AF 0
0 44ms
17ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEt2BMKwC-gGdg2ICAgAAAPoY8hM53BvS0dwWkxCAYlliif2ocaZ6Mnl8xkwAEg&wp=YlligQAANJcKsspbAAF7S0u0TKZx4msytjPwTA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 339769
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3BD2 43 KB
17 KB 26ms
18ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligQAANJcKsspbAAF7S0u0TKZx4msytjPwTA&u=%7CIupyApwj8KApmAIy87WXegU1stpd9oCgF3WugFCTLg8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxS-6G21LPd9GU7rlMtM1cSXA7F30WHmlpVgaKHcOoRJZ00Xje4GDBjFvjewP8D0FD8gbOaPSC1f2keswbgSmgnQnoCs-d_XltQa1BuQOlSItLqBjZ437AOuPSK5vJmD2ZMhQaaMrV3qkGwE_l0dyF1eGnpFZusXQuJG6pxu2a-AfFgjL0EkLnQk2lCfyB6qHOueEBDj_7HAAOILaUOgGaN06g6_zcBEg-cju-Jx-Tr8WF2Z995L93Fi1IbGJynH-yDPX9wCICiyUVsENY7Xddo_zmZczFI6aBti9B209UFNvb-uqreNg1ezjAHt6a913TUbxV18G_QeN-Rs6SCRZ7VvLoLDubv8hL1QxtLUhbDqaMzWa_D_2mx8ZDZahy8R4TUARueVDFiVU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdwcgWJZYpdp25TLBcv2hYANyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTUwNDA1Njc5NjA0MjE1oAHVttLqA8gBCakC2pWIbbkmsj6oAwGqBIcCT9DPP-gzy2BsecDsWxjo6Dzf4-_ttj9cLB1Wlw6gSvPve6ckzzAwQlm-AE5OQl6agiRa2Y2K-DwCKlb8RbYCGYb31muSeD0P-abLuKSAbZD3j8b5kxIskAOm8rSIY74uMzSulDBVSiK16ja1c6-U0BZbF3CtRoLrJQTkUL3HsIexJs91pPfjjXL6Bm1IHBuIAFIpUlTSx0aU_P6A_oUMxrm8spY5KYyvceowfskNoO-7fdrUYTLWWw7xP98eydRPlji12JYmAIRjsNVkP8g04crqLe3iU-G1S-kEsTK-zGsFUESRktdHmsPirARSkoh8qjsagTnrbAtu3c8leshGfrRx0OgFVMeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eOU_BYihleWWT5D_X6vzG4GCrLg%26client%3Dca-pub-5950405679604215%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=4152151687&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=231&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600%2C300x250&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=sX1aTgHamD&p=https%3A//posthereads.com&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6939d70996ad2fea432e773da036b6ca2df4b5ab45f12dccc9cb4d3f0c737220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SuevptGmttUUtOjbP8Qv2pyTGAPJe4m-YgbyS-ttHglPnj6OHm0gkv_3z4bRCS4bkYWboSpx0_9QP5CFS2P5T_7b05gMYcMXLAfS-o7E4nZOQu80O0xwoRVIjTLqJbdS-emG03BzjQBOMMovjMgiXiKvo0cJK0CgW3BD34XrH9RYm8M-f3cb2VhhS7T6zd95FetFUvRl1HEIrxcUq2uQ9wB692SQ1Z_gcvpaY3C_HmDE3Dv9FGQlBqVRo0HUiyEK4L_sxkImdF9Z_TEN"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4149091
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 1F78 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcb0dc2971cfb012f07b5eea6c6a63243f72e131324f4871d0a9faa704ae78c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D501 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aeb826e41ea23d6857e84402f827aeff1f0c1dc203dddff93bd5d12fdcfb49d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A960 2 KB
1 KB 43ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAOzaQKsuCQAALxBWtFgub8KvnfNVaHRQ&u=%7CIupyApwj8KCe8mHLBsq3UNWxJNO5HGFYpiJpznQMkMU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxTfbzESBbVV3dKL6WMxTCC9RuHN_UwHZITZVcFEry2mF6F42pRH0mxrRnJsZbilzwyxyb9ECWbss8tx5xm8060lSLNn74Z74O8C57Gxz4LC56EodqRqXbfX6aIAcbOSYhkl_Fajbd2Fl3vNCDYBi73S-FhlG42WDcTnzD_T3CsVelEO2O6CTwA9ZnW8UgtkkfY8_CZVaXIPVptfqkc-5-WG5q6apYjPqR098qOb5AbUb0oiXPy2W2pq3yxok49nVCrQeOzb-N8s3nGay4ScxN21AO1cHe7yY_eQDR1gTOwA_1gf1L1j4svSkihB66UUhRh8pMTCi-xWywxxItcYLl5ewD30Jrb2yXdoF3RR2HrZQPmxLFbrqCx1gbSTrXLmGX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxRi0gGJZYqSbO5DBywWF4ouIBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSGAk_Q_MLB4cpMsCCkGR_lhrk-Y4fnidwlIC-pQ9LKHPNGmOybulUYBOeNNRiU5Lgi39cVX-WW9gYRfTaJuwv2npSS_bmpf166y_d5wsxvWLT-rOP624C9us5HP_bynV_xSLccrISrYMyuro34AUxXz44_lwAV5usnOFja4h6c3BRQblsMMoubHTCg3I_Of4NnGa9wKdvBgX54JQdofSVwBBmYIpwoXPY5InQIcx_a43Icl13dQnivNFdbWgOIxg4g_fTC3c3oizn7KfTERdoDMZcgad2V9kTrsxkY-oRVNDTI5XM1JjyERmU2bDMyhfu1txMDcPoXEugiakiDMuWTYX1bP7I6iwaABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3PPAsH_NNqTolh6gyL69kEdjv4VQ%26client%3Dca-pub-5950405679604215%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A960 2 KB
1 KB 80ms
51ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A960 308 B
636 B 71ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame A960 507 B
835 B 27ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame A960 43 B
348 B 51ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=7-9aR37yhZ3SxTMvEAd9vGFmcfBJRFT9Rlhw5iNynGchGTLny5MqyzsZjlrQuAKKTpzc9btcs6aNi1GvIiHONR0bfsg-p6Q2RNp1-Z5C2Z50RPGC7igNh6dO5HQddhVHUXnntho21q9-D58Zgxyo-vg60YssEHwJ5dtJt3vtXnVjjNL7p22s9kytK2T3i8kPt6CXWvXfb4aMRF8oZ9EZNOhWdmhFKj6HhEnBrjhs1HB9WCBUX2gtO1WAVQVH0ms1QIA_sOfIW22_MnFDJ9sypUKZ5tCwita6XYo51HIsaDEg58sXeQYVt8y-U06a8UMHIeKjHhtGoCiAdCnbimDGCQOWY4i7dq239c2nmtBhpMPah0TWG0CG9nK-0AMmgnxCOqwtPw1BVs2Je1iCGPVFVS2ejNaDJ_aj06pQLsFQ-EYNHZOqoBINnKNUQjRn6dZA6_eWNg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2724843
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 de7ceb82d2b34a9aaa87b9198d2d2b2c_image_ad_728x90.gif
static.criteo.net/design/dt/90764/220105/ Frame A960 431 KB
432 KB 37ms
25ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/de7ceb82d2b34a9aaa87b9198d2d2b2c_image_ad_728x90.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-6bc67"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 441447
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B26D 2 KB
1 KB 35ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligAAPBR0KsqWUAAmfz2WU6P1ZCb2tY8YDxg&u=%7CIupyApwj8KC9yLtKIvLr2YnPEEwcZj8YyAliuTgGIS4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWlYECc58TSh5mSyPXcrKHbb7I_1e551O5aN88wJuIOBCXzftfeFtUrQuoS41cm2qBVtyM0dqXm0YyKMPjDAgQ2YT_vOHgNIR3YPjh0nIdtDi6J7jNmybO5g8-m9Hm8O7JdEq8UxLwvgxRF3PeLc8CAVPxyp5akdm1Xp8ekSLKCNlusck8KfLsNQTRzin4eCqPaz03hc-a_vNji3r56OtuFTaONEkwwPk4APEp3idRkOxsA_MiVI7AekxceoX3oNo0mrKvRWEUWM3iBU0KcGjjNxrwD8wBMeZAprzibt1mu2YJbKwW9mRzc958cHyiXpQRqYfu1MHQOFz2cRduBHGqW1UWm4uLPigSaxQXuuTnxfVTPGa_aFMUzHQt6qyQ8xPd6_eQyAXlhxtYgBRLHGpSX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5SwgGJZYp2KPJTLygXPv6aoDMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk1MDQwNTY3OTYwNDIxNaAB1bbS6gPIAQmpAuHBDbIyILI-qAMBqgSHAk_QCeMx-sJNFH74SXNFGfPPPb-q9b6skDAvWE9at47YbdZjoT17teghJTAGtGsVFYsq2mO7M2nP04WbmuzTev9hMBuaasTgS8VJWVxEutxa8np8y4WOVyMDqCgLWzLuVqlDnL7eNPRBwK2VQAFTH25SYLuebCVdtst4JH0v_QEH-bRstkdILKbjH9KVMGbGLZKsckgTMZrefUTTHRFYNj7DLWE_8z8vEvZq_gi2s4mhmlFMoxLuXHiuB98nnIvqRd6o7eAsOeLjcwu_F6I78ISDH5ZE5iD9mFBhQ9Ow8Swp3d_FCaoKB5160ESTT_UDqExVlaw0VOqv9VFK8qmcQ4_nRtpNrb3kgAau35mgs_aK3fgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07JMnPm7hQ_GeJ2q7kg4mqwhrCjQ%26client%3Dca-pub-5950405679604215%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B26D 2 KB
1 KB 34ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B26D 308 B
636 B 46ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame B26D 507 B
835 B 45ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame B26D 43 B
347 B 30ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=NiKHHFwmtHnLL1_guGeHLVy_dTsLClPD0Rz5G19m4uxKkJGHLsZ609YjsGwdU7prLuO4eBneAQpGIXSf-ZKq82biytjGWrKXJuw689q5WFe7tt3tah8AbtNngcmyOiu2h-yWqdXvbY7ztXSP1Whhl7Gky45-PAxkJS2dLj0vS5PC2nP692QuRIbeOYOXKfJzZWEOUNe5Z9ls88DjW-WF3bFrC2phwYLh-VImFnceyOBhUpmmLWKo3Y-wAJKyqUva6nhMel9DsQteZbxV1bksqjD80AIwWxUqT_5b3WZxzDNmTR5R95SPS-IqAdekQFIgkD5e-OqnO-uAGtXMXn3l9jjpEePtVpcMNV6mUAw_JVNjzjal6rxG0jsQCTrl6vtsbTJbCL-ICSnG5b6CZokgjlRkTtDQxS-KBdqM9Rvf7bFn3oYwyRc34WNzH8ULBIJPokK4Ng

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:09 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3684734
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220105/ Frame B26D 162 KB
163 KB 52ms
51ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdaeb32f2f2b026d74b2e820d614241b2354687e456819ece14659f8d8511dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-288fc"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 166140
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3BD2 2 KB
1 KB 53ms
53ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlligQAANJcKsspbAAF7S0u0TKZx4msytjPwTA&u=%7CIupyApwj8KApmAIy87WXegU1stpd9oCgF3WugFCTLg8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcB12Im2CSJpKIuTSpvnklxS-6G21LPd9GU7rlMtM1cSXA7F30WHmlpVgaKHcOoRJZ00Xje4GDBjFvjewP8D0FD8gbOaPSC1f2keswbgSmgnQnoCs-d_XltQa1BuQOlSItLqBjZ437AOuPSK5vJmD2ZMhQaaMrV3qkGwE_l0dyF1eGnpFZusXQuJG6pxu2a-AfFgjL0EkLnQk2lCfyB6qHOueEBDj_7HAAOILaUOgGaN06g6_zcBEg-cju-Jx-Tr8WF2Z995L93Fi1IbGJynH-yDPX9wCICiyUVsENY7Xddo_zmZczFI6aBti9B209UFNvb-uqreNg1ezjAHt6a913TUbxV18G_QeN-Rs6SCRZ7VvLoLDubv8hL1QxtLUhbDqaMzWa_D_2mx8ZDZahy8R4TUARueVDFiVU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdwcgWJZYpdp25TLBcv2hYANyZ7SsVzVnZH3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTUwNDA1Njc5NjA0MjE1oAHVttLqA8gBCakC2pWIbbkmsj6oAwGqBIcCT9DPP-gzy2BsecDsWxjo6Dzf4-_ttj9cLB1Wlw6gSvPve6ckzzAwQlm-AE5OQl6agiRa2Y2K-DwCKlb8RbYCGYb31muSeD0P-abLuKSAbZD3j8b5kxIskAOm8rSIY74uMzSulDBVSiK16ja1c6-U0BZbF3CtRoLrJQTkUL3HsIexJs91pPfjjXL6Bm1IHBuIAFIpUlTSx0aU_P6A_oUMxrm8spY5KYyvceowfskNoO-7fdrUYTLWWw7xP98eydRPlji12JYmAIRjsNVkP8g04crqLe3iU-G1S-kEsTK-zGsFUESRktdHmsPirARSkoh8qjsagTnrbAtu3c8leshGfrRx0OgFVMeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1eOU_BYihleWWT5D_X6vzG4GCrLg%26client%3Dca-pub-5950405679604215%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3BD2 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3BD2 308 B
636 B 53ms
52ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 3BD2 507 B
835 B 48ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 3BD2 43 B
347 B 17ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=yiT1cQn4vvZV5CDdlLNOexD51ykTfVrqVULxfApUDxZe8SBn4dOm4F3ovJvGd0C7gIBXTNwjpfcJgNBQC6FJhP3wY8yvuqyp5hJW0y0AT2KI2BhuvyZcb-oZJ8TgFgAN-eVADgP4bxXT9euRXLwsmg3zfQ7oXLisjrTyl_NZhu8hJ0sFWOLPWDUKEYh7FU8TXIcUJV2Cb_b-QX4DE0M6unusCNUKocP6txol1H6hZCEXHr8WaoSc--O16g5QvmmE9YgYla2meme_9tXkXNr9BNZM-yCiU-MgIUejndAnzGbneTU5ddwQ5dgek3GgqUloF8LtH_trcE-_xNYXOTUCmDLRe1SjMqlbyM0Mktn2AcF8nXp6-Wib7FsQnXpgsIluvAvtrjdGhYfgAzyIQ2PdNt-GosTm5lRado0QybxfPGMNIpHwmcNcGjxU3LwMe3XA-Cm5Iw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2844863
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif
static.criteo.net/design/dt/90764/220105/ Frame 3BD2 261 KB
262 KB 48ms
47ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-41466"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 267366
expires: Mon, 10 Apr 2023 12:18:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A960 0
127 B 48ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Tuyv8tGmttUUtOjbn6ilwOQ01s974y6GsJPIE6lIeYIdioQUhfDdhc83cH_hhtlZ7kh_-dsEt4k6yNkhKVwIDQR1qh89Bww3Gy6upj_VuYOJbktV8n_FqTARO5htJxg0mSd7uQika2p83lmnk6YsrYd1kIUbp0pZkI68_u2y_hxabDVnDoRK6PiGxueOQxYQO73_gkvsRrzI4yu8CWyhSBIR_uNQOi0i2HkQROK1_Bc0meIYLWnDNuBMXz5piARHheO6S-Pn1R06Z_4o&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A960 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A960 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
DATA 200
OK truncated
/ Frame F3AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48469a54f85cf6269498fca1d7d927358742f7c571ef2bcf82216f4591aacaa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame B26D 0
128 B 34ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=n8yhJNGmttUUtOjb1ymG9pHqOB22X8gvLDgPfgjD8K2gWE7Df0dl04OBkHx7ioPzX58A0zRdovBE_P3tO_PW2DrX6nI0MHgGc0fJyHoCcq0NeeyqC894k1hOIIBhmc-KEfnNDea4qlQ1jOddfqwAqaZ1nz6OeXeYitxnMKdSscrWnh4uS9KHWsb6CRrLsbE1E__5vW1Rww4mDMvFV7h7vnAoMXmNS8ztWtdMETuQwberYujC5Lu8YqX7cHPpKBWIoODurg&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B26D 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B26D 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3BD2 0
127 B 21ms
21ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=SuevptGmttUUtOjbP8Qv2pyTGAPJe4m-YgbyS-ttHglPnj6OHm0gkv_3z4bRCS4bkYWboSpx0_9QP5CFS2P5T_7b05gMYcMXLAfS-o7E4nZOQu80O0xwoRVIjTLqJbdS-emG03BzjQBOMMovjMgiXiKvo0cJK0CgW3BD34XrH9RYm8M-f3cb2VhhS7T6zd95FetFUvRl1HEIrxcUq2uQ9wB692SQ1Z_gcvpaY3C_HmDE3Dv9FGQlBqVRo0HUiyEK4L_sxkImdF9Z_TEN&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3BD2 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3BD2 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 10 Apr 2023 12:18:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F78 42 B
64 B 55ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnP3fWBFY0kuI1y2IOnSumH3-mS2nFDkARxmkWXOcuXzzfnrQbNhG59xaXQaLmC2Hj_8QibgZ0h4DTXvOjcTT5&sig=Cg0ArKJSzAMKodosIs_YEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2856261430&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650025090513&rpt=439&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D501 42 B
64 B 53ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucCSJUV4WEVDfPT5T_ukQmB0CYazKgO83GcxYQmlyZxqDMRpEW37sISX7HG_l3wpeh_V9R45EqgM4e6FbEaMSW&sig=Cg0ArKJSzBT4CzOL-BFcEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=64169237&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650025090503&rpt=432&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3AF 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUEdTRHZ1ObexWy6BbnMJayJoWjapvIyLCeEprjr-URFXLqabQEIQSRraMFtuVFanin_GNH2m9_lpal0GBVkU6&sig=Cg0ArKJSzL28ACLn-FqnEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2292990355&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650025090546&rpt=444&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A960 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame B26D 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 3BD2 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Apr 2022 12:18:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK 82e9ac5244208706e17f1a760e385c08.gif
creative.mathads.com/0001/a7/5c/59/89/ Frame 8914 142 KB
143 KB 51ms
9ms Image
image/gif 104.92.107.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creative.mathads.com/0001/a7/5c/59/89/82e9ac5244208706e17f1a760e385c08.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.107.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-107-192.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3690fab6a83ebfb70e985d520716053a2baaee486792a7e859165692b7d97fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:10 GMT
Last-Modified: Fri, 18 Feb 2022 07:18:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
ETag: "d2a644842dadd13684f400d70e552a0e"
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Connection: keep-alive
Content-Length: 145657
X-Amz-Cf-Id: tXSYee2hD05Mm2KLwILYjaCTmicE7E7aNJ2qo6cKd_FdUFYnuJjh6g==

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8914 49 B
329 B 927ms
927ms Image
image/gif 103.229.205.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8582778428626379189&node_id=329&exch_id=4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.308.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:11 GMT
Server: MMBD/3.308.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: nrt-router-x13, cdg-bidder-x39
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 15 Apr 2022 12:18:10 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8914 43 B
405 B 175ms
101ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8582778428626379189&v3=1016661&v4=9587558&v5=10144339&mt_nsync=1&no_attr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4281 354de82 master iad-pixel-x13 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:10 GMT
Server: MT3 4281 354de82 master iad-pixel-x13 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8914 49 B
329 B 1053ms
549ms Image
image/gif 103.229.205.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8582778428626379189&st=9587558&time=1650025090&nodeid=329
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.308.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:11 GMT
Server: MMBD/3.308.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: nrt-router-x11, cdg-bidder-x39
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 15 Apr 2022 12:18:10 GMT

GET
DATA 200
OK truncated
/ Frame 8914 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 239ac3ed5c44f0c0b2a4e78ffc754bc4f0556bd44c4101419070c01452794b65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8914 43 B
404 B 119ms
102ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1370448&mt_adid=216764&mt_nsync=1&s1=8582778428626379189&v1=4&v2=393176820&v3=posthereads.com&v4=1016661&v5=9587558&v6=10144339&v7=https://creative.mathads.com/0001/a7/5c/59/89/82e9ac5244208706e17f1a760e385c08.gif&v8=300x250&v9=null&v10=null&v11=&v12=Google%20Inc.&v13=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.75%20Safari/537.36&v14=en-US&v15=Linux%20x86_64&v16=display_1.7&v17=CREATIVE_IMAGE_LOAD_SUCCESSFUL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4320 2f2dfe5 master iad-pixel-x5 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 12:18:10 GMT
Server: MT3 4320 2f2dfe5 master iad-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Apr 2022 12:18:09 GMT

GET
H2 200 ZaVnC4dhaV2J8yam9q0oeoUEQknx2kt-Qi51rnjncjQdvrkcAqXrV2WUr4GDbBE6hi3urQvYo08J86L5VoGCfuagXxJF4C-_1XPBmbXcu4qx1ul_a6ufJg==
endpoint1.collection.us2.sumologic.com/receiver/v1/http/ Frame 8914 0
0 501ms
157ms Image
text/plain 35.163.38.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://endpoint1.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV2J8yam9q0oeoUEQknx2kt-Qi51rnjncjQdvrkcAqXrV2WUr4GDbBE6hi3urQvYo08J86L5VoGCfuagXxJF4C-_1XPBmbXcu4qx1ul_a6ufJg==?s1=8582778428626379189&v1=4&v2=393176820&v3=posthereads.com&v4=1016661&v5=9587558&v6=10144339&v7=https://creative.mathads.com/0001/a7/5c/59/89/82e9ac5244208706e17f1a760e385c08.gif&v8=300x250&v9=null&v10=null&v11=&v12=Google%20Inc.&v13=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.75%20Safari/537.36&v14=en-US&v15=Linux%20x86_64&v16=display_1.7&v17=CREATIVE_IMAGE_LOAD_SUCCESSFUL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5950405679604215&output=html&h=250&slotname=7385311712&adk=2292990355&adf=1312291996&pi=t.ma~as.7385311712&w=300&lmt=1650025090&psa=0&format=300x250&url=https%3A%2F%2Fposthereads.com%2F395%2Fposts%2F7-Tickets%2F63-Travel%2F1143025-Alaska-Airlines-Baggage-Policy-1-844-460-3598.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650025090311&bpp=1&bdt=409&idt=221&shv=r20220413&mjsv=m202204110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C160x600&nras=1&correlator=5678462949565&frm=20&pv=1&ga_vid=646327275.1650025090&ga_sid=1650025090&ga_hid=303782050&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=488&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067064%2C31065659%2C31062930&oid=2&pvsid=2378705965000664&pem=920&tmod=832950104&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xTowisXL7b&p=https%3A//posthereads.com&dtd=225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.38.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-38-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 21ms
21ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93e8c5557db84830db42ef2d4a5fdcc88a8f895f6fa2953758ed53229bb1dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 12:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8914 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEz6m6luXmC6tdYZldghWp3urQ35jUW36aTZ4R74HpTIbXkJ-kqYkTkmGZbQXNrzxKBmrBzGulGxwNPMPONxqm2w&sig=Cg0ArKJSzAfwJ5D5S567EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2292990355&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650025090538&rpt=1666&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 12:18:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97A2 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 11:40:42 GMT
expires: Sat, 15 Apr 2023 11:40:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 27D3 783 B
1 KB 37ms
16ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24612240341fe3731d90ea999a0de8936e2b12ce905554cee90da76e121167c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kp/DdFOwkFvvfwRqrIGPkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://posthereads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Kp/DdFOwkFvvfwRqrIGPkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 12:18:11 GMT
expires: Fri, 15 Apr 2022 12:18:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 97A2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 12:05:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27D3 0
0 56ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=2378705965000664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 97A2 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lHsaHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 12:18:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220413&jk=2378705965000664&bg=!KimlKW3NAAZvJBiFTyQ7ACkAdvg8WpxIwCUPIdfG_CBd7ZUVWyoakfDXfLqSKLlUzLpKakELl5AAGQIAAABoUgAAAANoAQcKAGQ1zgYZfz56O4EYkQXG7bKzoKk-ohLeEmos1Hh_StGjSgyPKF7At8ClSYIM4O-eCJuANMH1fA_UzXd0OH3lmTtEm2cLbApZ-tPAl7Va6Rs2Q0OQMSasvzpr1lvWbm64yzLRu-yNmQKZXCI6xlVw1WOV7vl13cL9T25OPDhPjDZGHqu_4GXGasUkhcT9veGhNIJ25KcNgNMk7hb01PSH7cAuyuiIL3XKE0x3AWYhANT8eE1lm6QlCb9cXfYOcDyMSb2QOaON6QkGlT80Jvh8xmJAvEtF5GlPLSfaSL_CjtGP8P2yDPGIcyL57mm2tdKMnyD3Vc1KUL9u3m2aLEg8JuQaPmRcSaEo71wkvUDCo3-UVfKi_N8x6LkeZR4CTN5bAADbNG-A41CUF0Ynr1KhIL0uaIxF2OL-qCydbgWyRnKgas19_-hLk6xJs9w_WohgHbMunUgzsB3XfRQrI-ux9yr3P2VPJWxr9O_NHJC0mVT1zAtixMHRchspnIb36lg8h_tmUyTEtdMRwkP0MreuslYjSc-6abxyNhNpshVrPdzQFn2zSXtbv4f4GtU4jAxWsQVzHDoOMlECPTpbN2z5VHTXgL2wu_Yu-9ph-J9CiIM6zJzW-VEhFIYBg1DlItl8Vv5bIyL-GpMZbaEmZUWKligB4bh8zK9hYPWrsvGy04wcrcbvbdNEiBkNxmFSjmKkCGw17Y9zyI3VyNuwmg8qBv31Heyaa_JjGlXwMPnMjTHF8-RuZVE2F9u9ZSWstluujsmKSF9Vm9X2E2s7mmCYRgg2oRi1AXkVsfMAT44AfSO_AQrYp6DFXO0UIhkr78nJthABF0eBVqNX5q8sav0gZ7Ip5iUZuVeBs3fLIJzPG-a2gvbxioaJEY9lW-vrdPDZCIWNniNW9x_tdcvNvL7zrF1H4orkFGW7KgOZkK1MnsLLviz9b4OK3HXAdhBlcXWbcajD5g92ZJgo_Rs08UYVOspSKDlbO9QXkw6_DaFZ87nlhD6zW_4WTz7svVINEm_iTxw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://posthereads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 12:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
posthereads.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cltq81mnrbcdvvs9u0k2mmn6p5
posthereads.com/	1969-12-31 23:59:59	Name: language Value: en
posthereads.com/	1969-12-31 23:59:59	Name: theme Value: xz-adapter
posthereads.com/	1970-01-20 03:46:49	Name: xzclf_cityid Value: 395
posthereads.com/	1969-12-31 23:59:59	Name: hits Value: %3BA1143025
posthereads.com/	1969-12-31 23:59:59	Name: xz_captcha_code Value: c5fe2add9097bbe4e93d1c96d03f4890
.posthereads.com/	1970-01-20 19:51:37	Name: _ga Value: GA1.2.646327275.1650025090
.posthereads.com/	1970-01-20 02:21:51	Name: _gid Value: GA1.2.1684305600.1650025090
.posthereads.com/	1970-01-20 02:20:25	Name: _gat_gtag_UA_164528275_2 Value: 1
posthereads.com/	1970-01-20 11:49:13	Name: __atuvc Value: 1%7C15
posthereads.com/	1970-01-20 02:20:26	Name: __atuvs Value: 62596282bc3cee8c000
.addthis.com/	1970-01-20 11:49:13	Name: uvc Value: 1%7C15
.posthereads.com/	1970-01-20 11:42:01	Name: __gads Value: ID=f1d65ad11149e9e7-22ca5bfe75cd0005:T=1650025088:RT=1650025088:S=ALNI_MZUN3mxyLP1l7yvfHTeU559nZk9lA
.addthis.com/	1970-01-20 11:49:13	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 11:42:01	Name: IDE Value: AHWqTUlYQmjVW4buml-g2dUYn_Yw7n4ugJi_cB-eWFTdGqL6Rx3iI1EL8Q9QhLKdQaI
.doubleclick.net/	1970-01-20 02:20:25	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 11:06:01	Name: uuid Value: 242b6259-6282-4901-a748-c56233937930
endpoint1.collection.us2.sumologic.com/	1970-01-20 02:30:29	Name: AWSALBCORS Value: t8IqAW1/1s93eFuMAMiFub9MMGyAwE6Ih3/hK7qNYbbgIOoUQOmuzCHLRBvcN+UQ2DxS2Pdoy0y37DcRA9PtyzgJpuieXV7+/MtlooHkFF9rFq1PNCiInsSi3JGo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
contextual.media.net
creative.mathads.com
csm.eu.criteo.net
endpoint1.collection.us2.sumologic.com
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
posthereads.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s7.addthis.com
static.criteo.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
s7.addthis.com
103.229.205.242
104.79.88.164
104.92.107.192
142.250.186.34
178.250.0.162
178.250.2.148
184.87.212.24
23.35.236.122
23.35.237.151
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9d
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a06:98c1:3120::7
35.163.38.109
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0888fcfb96eff1ee2234b38e769e40c8dca5d4a0687bcfefcdfcbcff870ff84c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6
130a5fa56f0a924d6591fa0fd6ff4ec5d7fa3bdb50c78d930fa2c8d18a1b18a7
1656d0e986200d7a28676d8e6541b4569ade3865d44ed85ebef0756888988371
190a891aee6ff9d2d3c8ec5cd03145bca740323dc91ea244068c146d1b5bc8cb
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1aabda7a5e03a52ed97bb7eef6cb1dbd2eef845661300939a2ea352eb4be6510
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
239ac3ed5c44f0c0b2a4e78ffc754bc4f0556bd44c4101419070c01452794b65
24612240341fe3731d90ea999a0de8936e2b12ce905554cee90da76e121167c2
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3690fab6a83ebfb70e985d520716053a2baaee486792a7e859165692b7d97fa7
48469a54f85cf6269498fca1d7d927358742f7c571ef2bcf82216f4591aacaa4
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6703627cd92e90e4b0894800d0c61091d02555fe97f262df06f848f2744ee25e
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6939d70996ad2fea432e773da036b6ca2df4b5ab45f12dccc9cb4d3f0c737220
6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd2b852c67a7514c6b4478b921311b8758d5c86a1b149218c6ab9a3b0a4c078
6fbfe70e8294d43297c811344e8e3de570d4cb32b9b5f551b33b450bf097fe19
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
731ed94e90189b62da3e5cab10ff3e74cb2600fdbe739c00b8e47dce884ca0b7
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81474d629ff38713700880af4700fb90d0a67eaed337b90667012564240c7487
83eb40809c99952b0c3cf9c31a3f4ddeadb4e0147948ed3a25d6cb82b7a83339
8508a067cc41ee28dfd3b405253ac46898bf281bf378b4e282c9fc721b9386d2
8631a5ceb37e514859108c0bd129fbe05a68a8e9b74141387e7a02cbec53e595
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
89e308bd100f78d849e073c50ebfee188753e68461b1871a3abdcd08c2c2e8f6
8a18c6cf371902cb4f0ba1e085daba40066bf6f2711280201578e08d231142b8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aeb826e41ea23d6857e84402f827aeff1f0c1dc203dddff93bd5d12fdcfb49d
8c28d41a0b87fc627ba9526dbdc4e997178cbcf675ef1957135cd3aa1438e53b
8eb9e2b352509e84dd54890cec75f6429660d1d5a2dd88422297611adaa4ab57
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
91cbbd4894616f50d26f8cb6ecfd64afb7306c07724221ec6c576d17b60ff615
9cb409cc0a4baba7b7ddcf3c7a2bd175c4593267ebe783bb2f98d143e80bf09b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85bc2c67ff78e33fe0ec5b95451ad2262c9a0dc6a46e1f5439564c2f0e5f946
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b198da136a2b24d4b9a62a7399267ccdf74ec14c30e95b5c049e06c98d7f05e8
b93e8c5557db84830db42ef2d4a5fdcc88a8f895f6fa2953758ed53229bb1dc1
c69dd4280a00a3000e33dc1e666a01ac230c6eee57900dd38601a7163de3ab37
dcb0dc2971cfb012f07b5eea6c6a63243f72e131324f4871d0a9faa704ae78c9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0556b60fe6e263a7215f86c07aef35947054e5a317a2386d28d223fc3560530
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fab744b4d3af481417084ece049be0ce196a646abd6204bdba5602e093635e2f
fdaeb32f2f2b026d74b2e820d614241b2354687e456819ece14659f8d8511dc0

posthereads.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

99 %HTTPS

60 %IPv6

18 Domains

27 Subdomains

26 IPs

6 Countries

1834 kBTransfer

3247 kBSize

18 Cookies

2 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

posthereads.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

99 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

26
IPs

6
Countries

1834 kB
Transfer

3247 kB
Size

18
Cookies

107 HTTP transactions
4 data transactions