urlscan.io logo urlscan.io
SecurityTrails logo

sum.in.ua Open in urlscan Pro
62.149.28.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sum.in.ua/
Effective URL: https://sum.in.ua/
Submission: On January 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 71 HTTP transactions. The main IP is 62.149.28.40, located in Kyiv, Ukraine and belongs to COLOCALL Internet Data Center ColoCALL, SK. The main domain is sum.in.ua.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.
This is the only time sum.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    62.149.28.40 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, SK)
PTR: vds77645-29.vds.colocall.com
sum.in.ua
18    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
i.i.ua
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
13    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
1    141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.blau.de
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
438 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
103 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
313 KB
7 sum.in.ua
sum.in.ua
123 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
2 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
65 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
131 KB
2 i.ua
r.i.ua — Cisco Umbrella Rank: 267083
i.i.ua — Cisco Umbrella Rank: 799049
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 blau.de
portal.blau.de — Cisco Umbrella Rank: 291173
609 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
0 hit.ua Failed
c.hit.ua Failed
71 15
Domain Requested by
18 pagead2.googlesyndication.com sum.in.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
13 tpc.googlesyndication.com sum.in.ua
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
9 s0.2mdn.net sum.in.ua
s0.2mdn.net
7 sum.in.ua 1 redirects sum.in.ua
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 ad.doubleclick.net sum.in.ua
2 www.googletagservices.com googleads.g.doubleclick.net
2 connect.facebook.net sum.in.ua
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 portal.blau.de
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 i.i.ua sum.in.ua
1 r.i.ua 1 redirects
0 c.hit.ua Failed sum.in.ua
71 20

This site contains links to these domains. Also see Links.

Domain
u24.gov.ua
www.i.ua
hit.ua
Subject Issuer Validity Valid
sum.in.ua
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
portal.blau.de
E1		 2023-12-08 -
2024-03-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://sum.in.ua/
Frame ID: 46A7282B4B864768C295609BEDE9F85D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 77EF5AA46854996E6FFB2DAA3958EEA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Frame ID: 65A1E7E48A7263B8620B90B85F8E6939
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1706021325&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fsum.in.ua%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325579&bpp=1&bdt=259&idt=219&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6868198912&nras=1&correlator=1627936276064&frm=20&pv=1&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
Frame ID: 4F981E61A3FA0C74872E3BBF6D23D36E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Frame ID: F4FBBE3F7511EF2457205D2DE6352A9A
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: B7A0EE2C0675AC03ADD704EF024F1B9B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9E4EB393F44E0CEFD84DD0CD85700EE0
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Frame ID: 00421C0F17D28BA53A9D30380D7F8176
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ABF63AF5FDE3520E72B26F477B0F293B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 2709DDED7E9D92AC42425CF41631DEDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8191C8CFD7EA0E1B2934DCDA406063F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82D38610ACE54F9E9C3CE8C1523FFBA4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 2C20F0504F1BAA64234499DB9C55082A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Академічний тлумачний словник української мови

Page URL History Show full URLs

  1. http://sum.in.ua/ HTTP 308
    https://sum.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

71
Requests

90 %
HTTPS

56 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

1266 kB
Transfer

2983 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sum.in.ua/ HTTP 308
    https://sum.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://r.i.ua/s?u122537&p268&n0.8365710081193602&c1&d24&w1600&h1200&r/sum.in.ua/ HTTP 302
  • https://i.i.ua/r/3_3_5.png
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1
Request Chain 37
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-Rzl.LMDHrItPLH9g4lgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1&google_hm=2
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAzm9_i-KyXd9DVSQsRTiuY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAzm9_i-KyXd9DVSQsRTiuY%26google_cver%3D1
Request Chain 39
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTk4ODU2OTQyMzAwNTg4
Request Chain 51
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CrKh5zdGvZcLtMv7Z1fAPssWmmALQwrKldavE3-mWEpfXjKjqQRABIJmQug5glYKggrAHoAGDrI2qKsgBCakCOWawFZ1Gsj6oAwHIA8sEqgS7AU_QJYDvidrpQixqajibBTwqjk_73ZI-4jRoBVW8D1vBN1KCQRSgjEKNFgQSaVwBtV_B-iN_BC9DYFc4heZOuYRfEOAAGndKsdm2pmSf6EFpQbUF7t9MSHUu36AsHLFcI4peZO8VeVF0XOLhyCoWlarfzxVQdAT25jVncV1wbatgWPLLYqJ-5ykKaFd6cuYLjKpe4vEwt19mZnabGsOM_kVH6s1K9NGsVhC_ZzmEcYZZIkH10-B2ovLLlE3ABPSJ8avRBIgFh9KB-02SBQQIBBgBkgUECAUYBKAGLoAHg-TdiQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDzjwfSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPes69jg84MDmgkpaHR0cHM6Ly9ub3ZhcG9zdC5jb20vcHJvbW8vdWstZGUvcHJvbW9fMTWACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjg0MzM3NDIyMTkyMjUxNRgA&sigh=UfbxeSa9lw8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_aRb26bk_0AB44jQn-td-S33phZek0XGwz3XY8BDbGobwanSaJlYCQJT7q3siadrueZyb00xqGmiUDGOpq1dNL3XpfiN2kwOAURgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22428320409782395561%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222074336469012153057%22}&andc=true

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sum.in.ua/
Redirect Chain
  • http://sum.in.ua/
  • https://sum.in.ua/
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy Apache/2.4.58 (Unix) / PHP/8.2.13
Resource Hash
2b796a0a8456dcd56b90f620696ce13d4ee97406285609624364472816873261

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
no-store, max-age=0, no-cache
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 14:48:45 GMT
pragma
no-cache
server
Caddy Apache/2.4.58 (Unix)
x-powered-by
PHP/8.2.13

Redirect headers

Connection
close
Content-Length
0
Date
Tue, 23 Jan 2024 14:48:45 GMT
Location
https://sum.in.ua/
Server
Caddy
common.css
sum.in.ua/com/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sum.in.ua/com/common.css
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy, Apache/2.4.58 (Unix) /
Resource Hash
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
last-modified
Mon, 04 Dec 2023 07:47:36 GMT
server
Caddy, Apache/2.4.58 (Unix)
etag
"36b7-60baa54e090e9"
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
14007
computer.css
sum.in.ua/com/ 		424 B
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sum.in.ua/com/computer.css
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy, Apache/2.4.58 (Unix) /
Resource Hash
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
last-modified
Mon, 04 Dec 2023 07:47:36 GMT
server
Caddy, Apache/2.4.58 (Unix)
etag
"1a8-60baa54dae3c2"
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
424
mootools.js
sum.in.ua/com/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sum.in.ua/com/mootools.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy, Apache/2.4.58 (Unix) /
Resource Hash
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
last-modified
Mon, 04 Dec 2023 07:47:35 GMT
server
Caddy, Apache/2.4.58 (Unix)
etag
"170eb-60baa54cf9916"
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
94443
show_ads.js
pagead2.googlesyndication.com/pagead/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4d7b5e70f9a2c43b58bb10a9e4a937b5ba052c125a961eb1705dfe415767b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10641
x-xss-protection
0
server
cafe
etag
5139688713966290903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 14:48:45 GMT
slava.webp
sum.in.ua/com/ 		650 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sum.in.ua/com/slava.webp
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy, Apache/2.4.58 (Unix) /
Resource Hash
004c759f44070f0afa5f1470e317216b4e62060583560d4f639e4fd89f1105f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
last-modified
Tue, 05 Dec 2023 04:20:16 GMT
server
Caddy, Apache/2.4.58 (Unix)
accept-ranges
bytes
etag
"28a-60bbb8d3be523"
content-length
650
content-type
image/webp
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0928c1fe3640a2dfc8c151d113b795a6cc548f67b99f0c21d830546a2c7bf796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 14:48:45 GMT
content-md5
+huZ3MOVqACDb8+1y3Mx+Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
qQdL7AdM6Tf2m2YDlmv2RwNaDoLcrBx9tJngbALngWF4klQXjq06zDOFSa5ygV5XWVSlMeV9ZJSjqhfHjzIqMg==
x-fb-content-md5
4c9e0b874414b501ea74da34a8dd9ad7
cross-origin-opener-policy
same-origin-allow-popups
etag
"1771ff149898eaa9340e3c1023626201"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 23 Jan 2024 15:03:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc8178f1f9b26cd75c52c2a1d78d6125a80796d8e2df48a2a1ac8f2fcdf751ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51244
x-xss-protection
0
server
cafe
etag
7695095267410980389
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 14:48:45 GMT
3_3_5.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u122537&p268&n0.8365710081193602&c1&d24&w1600&h1200&r/sum.in.ua/
  • https://i.i.ua/r/3_3_5.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_5.png
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Mar 2007 13:53:49 GMT
server
cloudflare
age
958464
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84a0d6e4aea64dbd-FRA
alt-svc
h3=":443"; ma=86400
content-length
1187
expires
Sat, 11 Jan 2025 12:34:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
https://i.i.ua/r/3_3_5.png
cache-control
no-cache, must-revalidate
cf-ray
84a0d6e43e254dbd-FRA
alt-svc
h3=":443"; ma=86400
expires
0
hit
c.hit.ua/ 		0
0
rect.png
sum.in.ua/com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sum.in.ua/com/rect.png
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/com/computer.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
62.149.28.40 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, SK),
Reverse DNS
vds77645-29.vds.colocall.com
Software
Caddy, Apache/2.4.58 (Unix) /
Resource Hash
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/com/computer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
last-modified
Mon, 04 Dec 2023 07:47:35 GMT
server
Caddy, Apache/2.4.58 (Unix)
accept-ranges
bytes
etag
"8e7-60baa54c80b76"
content-length
2279
content-type
image/png
sdk.js
connect.facebook.net/uk_UA/ 		298 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=39bdedbd8a41a5969f13d2aaa001cdb3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7bfdaf49eb8764a6a79a47c2ddbc5399a7d2f859403a9f0a273bff988d7693a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sum.in.ua/
Origin
https://sum.in.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 14:48:45 GMT
content-md5
nlQiVOmKWgKgWouS/s4s0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87166
x-fb-debug
1Y598qiA31Ofa1FMAnbEorFr9Qb6+RUkP6V9R/FNsGKz0v0one9GfbOy4JZg+JapPnLcra8mNPAVu68FepV55Q==
x-fb-content-md5
ee5e37a915ca4861b8319e305f6824a1
cross-origin-opener-policy
same-origin-allow-popups
etag
"d3c3433cb53a01aed714f66142c2e4ee"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jan 2025 13:46:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34ad956dd63f1e65b73da067b2a3f64274e3a26b1cf2e4ad508c63139201f2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139807
x-xss-protection
0
server
cafe
etag
3510496415279611154
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 14:48:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 77EF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 16:54:14 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 16:54:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 65A1 		120 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd977885474a4f6f9e0649a79de98c78663f341ab153cad09eb44524689d0ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 14:48:46 GMT
expires
Tue, 23 Jan 2024 14:48:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4F98 		162 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&adk=1812271804&adf=3025194257&lmt=1706021325&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fsum.in.ua%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325579&bpp=1&bdt=259&idt=219&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6868198912&nras=1&correlator=1627936276064&frm=20&pv=1&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e80ac531fa6258340960260c045823661c8aa8ecdfb035d82d40aa199b385cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
48725
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 14:48:46 GMT
expires
Tue, 23 Jan 2024 14:48:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5870b5d6cf1c0f8bd8eb33a6aaa3c5113afba69d2678c58627b802623f9be339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56688
x-xss-protection
0
server
cafe
etag
10688680423305225193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 14:48:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F4FB 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 14:48:46 GMT
expires
Tue, 23 Jan 2024 14:48:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B7A0 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 23:49:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame B7A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
72658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:37:48 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame B7A0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:18:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
23388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 08:18:58 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B7A0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
509638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:14:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B7A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
23343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 08:19:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame B7A0 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B7A0 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 14:48:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKt50W9ByFEsbqehmJNaOqBTyutSbwtCr3StirVUVY46zUju90YnHhZZkjR-97rvwV-23yUb4AQipLZQCvf3__2xP_D9kn0mI82f2rPcdq_JV83-8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2843374221922515&output=html&h=60&slotname=6868198912&adk=2662933849&adf=3601265129&pi=t.ma~as.6868198912&w=468&lmt=1706021325&url=https%3A%2F%2Fsum.in.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706021325444&bpp=123&bdt=123&idt=314&shv=r20240118&mjsv=m202401180101&ptt=5&saldr=sd&abxe=1&correlator=1627936276064&frm=20&pv=2&ga_vid=1177939790.1706021326&ga_sid=1706021326&ga_hid=876410311&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=457&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759876%2C44759927%2C95320868%2C95320889%2C95321626%2C95322162&oid=2&pvsid=3595978147274503&tmod=2038793299&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 9E4E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 19:17:19 GMT
etag
9219409622527106327
expires
Mon, 05 Feb 2024 19:17:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9E4E 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 14:21:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 14:48:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9E4E 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:29:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 9E4E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
18412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 09:41:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9E4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
23343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 08:19:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9E4E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:29:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9E4E 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 14:48:46 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 9E4E 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 17:10:43 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8409390172670196902/ Frame 9E4E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8409390172670196902/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2b8aa0018121b0c2ff653e3bb03331133333c18e33805a20279e3d95a93e193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:33:38 GMT
date
Tue, 16 Jan 2024 23:33:38 GMT
x-content-type-options
nosniff
age
573308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17088
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 9E4E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9E4E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
rum
dsum-sec.casalemedia.com/ Frame F4FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOSlOYkWJJGTGUgu1PKs0ACsoLYcj%2F%2FJdWTcXSOmtJtA2azOxRYxC0KeKRnp8OvxaAgkm1Gh%2F4jNidiWSo5DxC4gOJhthQ96PrtLXKrqnut%2FJVUWsLMlB0bN%2Bk3dF4du62wYKesDpjlVvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a0d6eb385a9b80-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F4FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za-Rzl.LMDHrItPLH9g4lgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1&google_hm=2
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96GjCLiWW8oD4YLnKlmySi86U7AqdMaHPTQ3l0CN8PMpX%2BoEtC9yAaBwREH%2Ble4Uc2j9p8dSpeRgO1VpLX%2BAupQdChwXNQ8v9msCIX%2BxQj%2FzNkT08itHSwrGond80KViBs0pzmHZjWyJmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a0d6ebb9ae18e3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGIzrdyTymWTdaI8NPSUR5U&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F4FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAzm9_i-KyXd9DVSQsRTiuY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAzm9_i-KyXd9DVSQsRTiuY%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAzm9_i-KyXd9DVSQsRTiuY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
an-x-request-uuid
2d0ba01f-aece-4121-9887-369e648935e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
an-x-request-uuid
4742046b-7c90-4b83-8033-de690cc48a48
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAzm9_i-KyXd9DVSQsRTiuY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTk4ODU2OTQyMzAwNTg4
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTk4ODU2OTQyMzAwNTg4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiC8LqBAjAB&v=APEucNVzQ_dW-D7WGa3t1TxwX6k9pQ5mJdC6uK89IaRCtk6lvDMqHHX_PXvKWhEGGlnAPYoyyHvrsxdm1X6BkoDDxiSaTHeIwkiPrSgEJrXy6-gLwyni_UotY5yOTeeEF4dJ4YcelSsZe9gxyS6h9tNWAtL7E-B_3KES8eT5ixwy2nEwCqRtV48
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
an-x-request-uuid
9bd6cc7a-e2ee-425e-b1db-a5b60e50f59b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMTk4ODU2OTQyMzAwNTg4
x-proxy-origin
178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
320x050.html
s0.2mdn.net/sadbundle/7540801461928591360/ Frame 0042 		44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5eeb7260e23e4a593c8f7c9f823356d6229239917178f3d521d2b0c6dc096866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 14:48:46 GMT
expires
Wed, 22 Jan 2025 14:48:46 GMT
last-modified
Mon, 07 Feb 2022 09:04:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame B7A0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fe9034500e3d85efef69e1fe5fb0f3113f78d3a9018c90c0f71a1c93c6f64c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame B7A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstNZcE-y8VwkftBfTb7LQ8zR02FAKcHZYLqylacMlL7UWlP5OH2_mIzbQnquYuNU0zsSbO1mnjp-BqxDa8BNcaQeHeS7tkGU6z-RijVRsq7bvzVJ8d4hG0JZbBdEn1raGL4A2ZqdH7tSVVndkq9IbsxoySZ6GMfIGP3_rktsrDlVtm143M8P5ps3El4d66iQ4c-ZOq5CDZU4GNDAXnhY7g6OUQDS3n99H8dRpSQuejlPzuGIMHLXoejZd3g6X_OwM7fWAxqq-vY_-bdRZyh53WDIqBBjbpGyqeWJWSqnBn_kO_gaQXzEY4wClGoS3HaK7MEfZ1C5wHxR4f3UkKpZ4teEfWlquT2T7MlWjUSpSSXm-M6joPD26vIdFgLRKb1vWJLxR0DdrVNbQHCdz7uuL3C5Z15zTwWCrdvi4uGgv2JTTq1yedmja1iZPNydXLpSI_Eylrolaw53_t9WZ_e1nxh8eo6N2sBUYNaygtNpgNvzg2P64poDCAlmCcBefzkq3F17GEFdu6TP1Y716vp_R9AIgI9J_bHobtN2tkSd-NrujtWV8PL9O9_od0JA6bhPxQrClDIkhzExwxoM5Ku18sBE2fx0FUqvZqHtrqhguLWQlnD71pLdWTKxErAbbUQYt_Fh-OK6jmZmsHvvitRGkTw5XhdseLJiOUBm3vjpN6zIl57XolCwTaFX4v6YPJ5a24klbNJlKcTATlXwLYSCy254Sk07Z0nheGJFw4U8ICTQkaMDN6Nw5gKLcNWuGo77ytNXpVVmMuQPNMj8dRII0l9oyVlgSX9MsKjvZyYtZFtyu3dsmciklkznV_vTbHv6KC-1pjYfTMz4_se9hJPXBw3A8nnCLhtayLRnnAXeYzZK0gugdlHonShvy0FEpxepS8A2S60cHZ5V7PIemwPtSpX6wsk9zBmZ-B8m2dFA5_OKkftoHt794FFW1_HRW6cL14bInSKGwQDYM2PTJhRy-BlHGMAf3wlo4b0U9l1s_3iV7DDIlOed5qHG0qVuaiEe0tX63CtjzwmhMH8_ZXNu6GtmqvNEld2VVBDTckmRynHXMqgTziQgZL4I2644V1YXxexf9ZflOrhwYrnd1lZ3E_7miTSoTURgBCxEmlC2IYY3uw8trIyeYikVOlX-CunojeccKYl6eRgrSglhfIuk6Qc7Vs-U-5GXLewYaslOl67aP6oAnGEL6mzdV5H2F9BoJ5KiXnHT9I2Yb0iXAbLo6lkfdGZ06bZteoZQ6OpkL7sKA8&sai=AMfl-YRTSxGpLfJYzg02AvIU680m39ZfipT5h0wnKGV27IvoUCNASU63lp3duN3BeNjIhhdJr5-rVonIXZJZJ5hduWXUV2WQ79Qp87xwrDgb__57bp6reSZY8BfQ8hN2Eb121YFqwZg3KLNLXjvTSqeEsOxqNpk29D3fCQawDurI8MKi7EUv6cj_jen0A1jRz041cs41yOmSLAGETbpvPpCqFaE8x2ZodDtRgy4brbM4TseuS5yBgPrH1FUFeh8Sxu3CJ86IhNJtjssDOoUWwAUYhIhV9WntMj7HWpObC0S5-xxqqc4h3S_g6iN33WKZbFCPF_40DbgVxBCtW_g0oKA45nOhTDXuaqdjzajjQvuJcGlekF3hmb1X4fZ70a3JCCj74WGOPxjein5XNDjN481Q_BL-3pQj6n3wsxYCcjGf4XP8kAKQGyrhzpVzoIy8gqpBYSEmp1zJQxmt_fFKupLx7OrcidhVBOaDPKZT8niaxoygn0pSAXayiRm9XPekDNafh-wnPg&sig=Cg0ArKJSzER7j_U7gbRJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ibGF1LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=90&cbvp=1&cstd=80&cisv=r20240118.23223&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ABF6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
509638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 17:14:48 GMT
expires
Thu, 16 Jan 2025 17:14:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame ABF6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
5135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 13:23:11 GMT
truncated
/ Frame 9E4E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ee2cb707b2671da8e5181101eba99695a2c00a1d93799543c146e1c15b08f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 0042 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 04:12:33 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0042 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 14:48:46 GMT
view
ad.doubleclick.net/pcs/ Frame B7A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstNZcE-y8VwkftBfTb7LQ8zR02FAKcHZYLqylacMlL7UWlP5OH2_mIzbQnquYuNU0zsSbO1mnjp-BqxDa8BNcaQeHeS7tkGU6z-RijVRsq7bvzVJ8d4hG0JZbBdEn1raGL4A2ZqdH7tSVVndkq9IbsxoySZ6GMfIGP3_rktsrDlVtm143M8P5ps3El4d66iQ4c-ZOq5CDZU4GNDAXnhY7g6OUQDS3n99H8dRpSQuejlPzuGIMHLXoejZd3g6X_OwM7fWAxqq-vY_-bdRZyh53WDIqBBjbpGyqeWJWSqnBn_kO_gaQXzEY4wClGoS3HaK7MEfZ1C5wHxR4f3UkKpZ4teEfWlquT2T7MlWjUSpSSXm-M6joPD26vIdFgLRKb1vWJLxR0DdrVNbQHCdz7uuL3C5Z15zTwWCrdvi4uGgv2JTTq1yedmja1iZPNydXLpSI_Eylrolaw53_t9WZ_e1nxh8eo6N2sBUYNaygtNpgNvzg2P64poDCAlmCcBefzkq3F17GEFdu6TP1Y716vp_R9AIgI9J_bHobtN2tkSd-NrujtWV8PL9O9_od0JA6bhPxQrClDIkhzExwxoM5Ku18sBE2fx0FUqvZqHtrqhguLWQlnD71pLdWTKxErAbbUQYt_Fh-OK6jmZmsHvvitRGkTw5XhdseLJiOUBm3vjpN6zIl57XolCwTaFX4v6YPJ5a24klbNJlKcTATlXwLYSCy254Sk07Z0nheGJFw4U8ICTQkaMDN6Nw5gKLcNWuGo77ytNXpVVmMuQPNMj8dRII0l9oyVlgSX9MsKjvZyYtZFtyu3dsmciklkznV_vTbHv6KC-1pjYfTMz4_se9hJPXBw3A8nnCLhtayLRnnAXeYzZK0gugdlHonShvy0FEpxepS8A2S60cHZ5V7PIemwPtSpX6wsk9zBmZ-B8m2dFA5_OKkftoHt794FFW1_HRW6cL14bInSKGwQDYM2PTJhRy-BlHGMAf3wlo4b0U9l1s_3iV7DDIlOed5qHG0qVuaiEe0tX63CtjzwmhMH8_ZXNu6GtmqvNEld2VVBDTckmRynHXMqgTziQgZL4I2644V1YXxexf9ZflOrhwYrnd1lZ3E_7miTSoTURgBCxEmlC2IYY3uw8trIyeYikVOlX-CunojeccKYl6eRgrSglhfIuk6Qc7Vs-U-5GXLewYaslOl67aP6oAnGEL6mzdV5H2F9BoJ5KiXnHT9I2Yb0iXAbLo6lkfdGZ06bZteoZQ6OpkL7sKA8&sai=AMfl-YRTSxGpLfJYzg02AvIU680m39ZfipT5h0wnKGV27IvoUCNASU63lp3duN3BeNjIhhdJr5-rVonIXZJZJ5hduWXUV2WQ79Qp87xwrDgb__57bp6reSZY8BfQ8hN2Eb121YFqwZg3KLNLXjvTSqeEsOxqNpk29D3fCQawDurI8MKi7EUv6cj_jen0A1jRz041cs41yOmSLAGETbpvPpCqFaE8x2ZodDtRgy4brbM4TseuS5yBgPrH1FUFeh8Sxu3CJ86IhNJtjssDOoUWwAUYhIhV9WntMj7HWpObC0S5-xxqqc4h3S_g6iN33WKZbFCPF_40DbgVxBCtW_g0oKA45nOhTDXuaqdjzajjQvuJcGlekF3hmb1X4fZ70a3JCCj74WGOPxjein5XNDjN481Q_BL-3pQj6n3wsxYCcjGf4XP8kAKQGyrhzpVzoIy8gqpBYSEmp1zJQxmt_fFKupLx7OrcidhVBOaDPKZT8niaxoygn0pSAXayiRm9XPekDNafh-wnPg&sig=Cg0ArKJSzER7j_U7gbRJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ibGF1LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=232&vt=11&dtpt=142&dett=3&cstd=80&cisv=r20240118.23223&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 14:48:46 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9E4E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
52149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:19:37 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9E4E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:30:24 GMT
x-content-type-options
nosniff
age
44302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15352
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:34:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 02:30:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 9E4E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CrKh5zdGvZcLtMv7Z1fAPssWmmALQwrKldavE3-mWEpfXjKjqQRABIJmQug5glYKggrAHoAGDrI2qKsgBCakCOWawFZ1Gsj6oAwHIA8sEqgS7AU_QJYDvidrpQixqajibBTwqjk_73ZI-4jR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22428320409782395561%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22428320409782395561%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222074336469012153057%22}&andc=true
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"428320409782395561","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"2074336469012153057"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 14:48:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"428320409782395561","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"22":["true"],"4":["01-23"],"6":["true"]},"priority":"500","source_event_id":"2074336469012153057"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ecb250f9f9a4055cbbb32e710c034c8368fd1b680515b3728261b0615052104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12158
x-xss-protection
0
i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
pagead2.googlesyndication.com/bg/ Frame 2709 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Requested by
Host: sum.in.ua
URL: https://sum.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
563503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19704
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:17:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22428320409782395561%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%2222%22:[%22true%22],%224%22:[%2201-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222074336469012153057%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 14:48:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 0042 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:45 GMT
x-content-type-options
nosniff
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52901
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 12:12:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 15:03:45 GMT
CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 0042 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:34:15 GMT
x-content-type-options
nosniff
age
871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49198
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 12:11:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 14:49:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0042 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4bb350380f28be7f93b62542f5e2950c62595b490f4f3af266c1729feaa9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5793
x-xss-protection
0
60005582_20240117240815745_STANDARD_320x050_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0042 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20240117240815745_STANDARD_320x050_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f8e5eb74c80162f2083d5d14fa97f61cdd1199634d2e63297703076185854e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:29:25 GMT
x-content-type-options
nosniff
age
80361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1496
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 08:08:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 16:29:25 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0042 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:56:31 GMT
x-content-type-options
nosniff
age
78735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 16:56:31 GMT
60005582_20240117241017327_PlayStation-5-Disc-Slim.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0042 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20240117241017327_PlayStation-5-Disc-Slim.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854e670e94938c00e9ff31de94af4226efd1f0bd8251bfc410a116e5c289436c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7540801461928591360/320x050.html?e=69&leftOffset=0&topOffset=0&c=YiMVTb5lxa&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 19:47:08 GMT
x-content-type-options
nosniff
age
68498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77442
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 08:10:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 19:47:08 GMT
postview.gif
portal.blau.de/nws/img/ Frame 0042 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=31229319_4307561_383708768_154734705_PO2005A20240118&ref=31229319_4307561_383708768_154734705_PO2005A20240118
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 14:48:46 GMT
Via
1.1 varnish-live-2-1
CF-Cache-Status
HIT
Age
4696594
X-Cache
MISS
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
Last-Modified
Thu, 09 Nov 2023 15:03:02 GMT
Server
cloudflare
Etag
"2b-609b98009f580"
Vary
Accept-Encoding
Content-Type
image/gif
X-Varnish
323271526
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
84a0d6ed48d265bc-FRA
Expires
Wed, 22 Jan 2025 14:48:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABF6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwxQXzdGvZabPMt2B1fAP78Cd4AQAAAAAOAHgBAI&bg=!9Pel97jNAAa8BdJLnAU7ADQBe5WfONIquUEPKSFBSQD7wcYxsznXLbz98DI_rOiGQyhT2Co_D7I2gmhn2n_iNn6we5HFAgAAALFSAAAAA2gBBwoAdXQjqtQsgohbYL04a1GHdaOm64im2B0A_BbXmR9zC7WHs5Z7S6B5SrqaLNA-4ujPtXgAaTolfvSp15bnIkquV-WXGnVOL7w2KQYd4BatmFvGtza6fMJA5Md38_SwPwJdRtIcWAiRugekm99n3lmtjKxAkScrEJkDB0wJnOGgda8ptFDgFvxXiaYanJuYNX4RZtBBANSC-PjcYrCe0p1VdgDe8scZ731bZYdZX-iLOvP3BfSF8QOvI1k1BgjOIkXTq6MxVcrskYlcMprr0_G8fb-CmsyFoc0Nm9FqYk6a31ksxNwk6E6qYm5aAGjUJQyCwXXavxRyr0IVsAjCcuybrHa30RBcmA_Ntiiwjc6DD2eUD-bfdP6UHSn-TJ0vkIJT5XX-wCTKnDR-EArN5ieIKz9kYXmywZructX0FCzPJ12fY5F3lC-GFNlw7-kyv4GsZdfgHLq_7IPJL_q6Rn5FKtS6TTqb2yFt8Y9NSu1vkGGeJYAbjo8KQX5FsaNVBataMyRQm2HuykSVsKtq4zSGYB4GTxYSoZldjCG6qOnp6pRPomBxgqWjOhU78Yzw0Zuknrz18JxewSdNtnKCyloaMNX5q3yCATlSai5o5UKgUEtGo_7Py79nOsOWMkyW0c9UBRpQ6GALY2r_pvePqmAPiikMaR3Wl8Yvs7a1ht9lkfyY-p5_nHpHIJh2VAf7jAmpGEyVKaNnIwsccmgwME98PLwi4zEQz9WBy7PJs6cpwfI9iiNu-1m6gXfkJzAVXRLSpghGDvuISkoW00R6xXji10m3bcVEBRgmvxAAqv1MopNBx8FvMXzuGTiCO7qOBmisEy9h8MZNjhPMgsTq2snx9qgSJrLYOpZc5_Z3DRbp0v6tk0aDxf9SKlRuLo3ziuKkjP-0ouTWPgY73FynGDLKL9g3Ujd_4wNu6sa-hGB6hISB5Eq1_HRasxWGpuni_1G_ZnTxlD1e5uwbdGN8f4ivqkEeSSXFAvhauNYtItJn8b_v_5-QupZNvp_l5GOt1wNCsw6tDVEz7pwtgM_NXAM1Bp6zL_gR530trEoHPueHXjO13-7bKuT26CsW3CUkwOL_O9QLDBYyrpSt9J6aDBDheIVJS_wc5NFRrRdI2cw9xN1xf_Z9JFNSA0sYrHIz3wpgsWy1AHQnzLgQVKm957VRHMte6aqjiERNyEHdKybkncc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=pub-2843374221922515&plah=sum.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 14:48:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B819 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 08:19:43 GMT
expires
Wed, 22 Jan 2025 08:19:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 82D3 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d08ec2e66470de04132279d0bdc9bb597b86b89c13b1c2b399040dcf4b0fa2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-707ee0bhHYLvHLWk8ifAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sum.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-707ee0bhHYLvHLWk8ifAdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 14:48:46 GMT
expires
Tue, 23 Jan 2024 14:48:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0042 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 14:48:46 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame B819 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
5135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 13:23:11 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2C20 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:23:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
5135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 13:23:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 82D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3595978147274503&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B819 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_vsftg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:48:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3595978147274503&bg=!xsWlxYrNAAa8BdJLnAU7ADQBe5WfOEwTzOm9c9UO2KX0lH6SwalEWU0wbJtT7wn09JFoSSAJQQD4ym2IahLJj58PzqopAgAAAIpSAAAAAmgBBwoAm2oTSMEpyJ9gk69JDORthrK6Dv7vbNPEP3GVRSqTPsxZ6x5XCt3tPehjgReUnaV8utqQga6mMMu9OoKvZ-VpCHVGJJ-WmvVYmEQZkNO3dncUcJImOeAyh7goF9Eg8IrQrwVOWWAmS0nZyXZ--H2h5VvBohPBIIVdxCp3LtAk0D_wuVVUdHha2sIpZzJ1WQWGRdl0wy-LmMicJN9qmQLAiOb5366_qTlqvVXJJuBmSb1LBiJ3ddE4r-PSWmE_U_xZzWipDvvpL-nTPSMeCLivBlwNzc_izrgy91cpQ9yo5l4iNN-HobyP60zNNtO2wXQTEKlZw0wtD9LchQCIKg2jp_dc7sU5Q4o11s4h0PyX_iHS41bPcrCwbIyLhfjuCfxFhscxY6Dh0D4De9w0cyXis5ygq58AsVr6rBPgrinzJe57F6DMogl3WhvnsQAlczOWgWyvJ3i06DsAV-zbp0BrBUxVP3asoUIy2LDbrOjFD7mpyEWU6vu9968Sb8GdNpj-O7ixZ9N95VKfnOycKj_oIFyOYm1pjA5mZ9QChc5n9auGPu8RiJhP5Tgd3sf6LCuoT8eDIHstsbUqkaibyBVV1Z3syp1IvzW-5pHC7FE0YO8p2swv7ZZDnu03C5yc0CyOc-jpSNPEYr7-4mBVyQFTRkAacetDuZ7ffhzJVt0DsyHRO5b0cGcd3Sa1dNekHGfymgol-00HL40hj3rEmhzj3_b66oXLCffQecBQ7KBZublMDzJnEDaJ2yWZckL02BEhVRTvYeDFuKt2OX1naIWZYCSFgilluvtyC0vdhW78o4iX0ayR0mFOqEil42ezCfUaGC4neOP-lAVmyrYa7w93zhBmM6OldFYeVry7MtmkJzU0dQfTt61gKD82i8mzb40TNABMmCwvp1ZkOzzAdM9pGwpcWICmNWGBNcz510LcV5yq8TmRm-4XaQFqYX-JhfP5H5OS49DR0iVzNciWWGg_fY2A8jwcq1ZHJeiH5Dj2maVuYX1yTPq2XuWUGVMVq62gd75Rn_wYPnjHuzRRfzaVrPYtbMPqfpOWgTbO8If548mJzwEf_dO_IPqFoVjfJZLTU8UeznqzDyXyTvjPiiKG-EttKs9JkkHiWMMV0Vz-TilnhY2BKhkGGE4pY1Sza7U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sum.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame B7A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxYU8uMMYFw1fXUHDTELY9vK0tXlijkO88GVq2g2xycipuEUtXz4Z85Gh8nY9J2HKp3aL_Bwoz0w3qJjTLE2Xej9ESAdeh8SU6ce5FJuHyBMKiPogtZ6q_Nd8ar88EGCnH3PYhPrCwY14u4HMnRanERU8N&sai=AMfl-YS5jgT2Bn_QPalOY_9bgY-s_WbQkYqufB7ox06J7Ld4yAgNEyUZ01I3ozwqkzxQ8D0PeZCH_9DlPdslHbZCjZZv7qr7Ao46tJJYrQP7tz4RRe0b-psTff9MA79SZw3kuuiB1rm_XBfPe8_o2m54&sig=Cg0ArKJSzJZC8tgrBfx_EAE&cid=CAQSTgAvHhf_ot7in2bN0sXyv8otWlUkpQxK0TTP1_lf4gKfRE63Dfjo-mY7yx9JgkkiS2_ecxnl_gD9pp_B1Ed_DQP5GdKIQVhokrvzqXecWBgB&id=lidar2&mcvt=1000&p=0,0,50,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2662933849&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706021326449&rpt=260&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E4E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswfp8gyUFpxB0lYuOMhHF-6lsZyCqX4NgABKAn3frpTeEqvTgWj7Ke_EklCr_qWS_sjru-QFvuZjz4iKQSuSoJJDa2-74Z3I25no1wGNZaxpNAXV0RfgTfSJuNpAuMYOBh7kYAlLN3yXu0ko_59xJ4Um03gtzBqDfoV5y-ZPJoQyYyzpE9O1E&sai=AMfl-YQ7okEk9QdYr79sLCYpN0gVyqPrbxQd8pVlG3sPIb_T4XThHT7vpigMtpsO5JiS2yoXbgRAFDW8-MjiK8-uZQaK-bvhKXQ-L7Xbe-UQeqPQyAy7x-4B_mVG8fbUyjH7OY4K4fsOJL_ObV6eEFtF&sig=Cg0ArKJSzITF1hWtTTfMEAE&cid=CAQSTgAvHhf_aRb26bk_0AB44jQn-td-S33phZek0XGwz3XY8BDbGobwanSaJlYCQJT7q3siadrueZyb00xqGmiUDGOpq1dNL3XpfiN2kwOAURgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=92,771,1000,1112,1112&tos=92,679,229,112,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706021326487&rpt=272&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 14:48:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.hit.ua
URL
http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.08953952997848358&r=&u=https%3A//sum.in.ua/

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $pick function| $try function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| seiel object| asla object| asaa object| sedf object| sefa object| sugawps object| slcwct object| sacwct object| slmct object| samct object| google_shadow_mode object| google_privacy_treatments object| google_xz object| adsbygoogle object| tips object| cache number| cho string| lword string| basew number| hidden function| sugClick function| showMenu function| request function| getSel string| iS object| iD string| iT string| iH number| iI object| Cd string| Cr string| Cp object| FB object| __buffer object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
sum.in.ua/ Name: b
Value: b
.i.ua/ Name: __cf_bm
Value: 3lDhzYfGfMHtAR0bRzT3D8S.g_UaittEELu5roeCyNE-1706021325-1-AW7gxwsdurWnnCIe3RBNn41CgUnDnGIhhOMEFgDC7om9MkMouc/KId8gVy93KMFAkox3o2jelhOC9k3CuqisF0Y=
.doubleclick.net/ Name: IDE
Value: AHWqTUm1lId2GrxR2aM33L47UFZhjjGr1nTHcMzRaHP15MQqWw64csIER_Bv0Mcz
.sum.in.ua/ Name: __gads
Value: ID=6bf9975beab9b580:T=1706021325:RT=1706021325:S=ALNI_MY5k3fPkCSNs-EWd-NsZ4LnGI-qTA
.sum.in.ua/ Name: __gpi
Value: UID=00000d47e236bc4b:T=1706021325:RT=1706021325:S=ALNI_MYCwGb6excU8QNhYROMnPQCGN76WA
.casalemedia.com/ Name: CMID
Value: Za-Rzl.LMDHrItPLH9g4lgAA
.casalemedia.com/ Name: CMPS
Value: 5276
.casalemedia.com/ Name: CMPRO
Value: 5276
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: eVOphyrSmsLcL7e5U5BFGZArT3P-VC38_geAK9WckF26UtblAflyLzM9v2sXYSq71sX-dRT5M3f_QU0FttiWrRlTtl-iuBCT5MYHACSh3EA.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%yuvP$v!]tbPl1M>e)ZlrFUfJ+tGXxoP@RbsaZUT/W:$Ml9AI'^k>j857YvoS`vv(/J3If)y3KL9D3I?+g!zHJM
.adnxs.com/ Name: uuid2
Value: 3654337234993152537
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.googleadservices.com/ Name: ar_debug
Value: 1

4 Console Messages

Source Level URL
Text
security warning URL: https://sum.in.ua/
Message:
Mixed Content: The page at 'https://sum.in.ua/' was loaded over HTTPS, but requested an insecure element 'http://r.i.ua/s?u122537&p268&n0.8365710081193602&c1&d24&w1600&h1200&r/sum.in.ua/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://sum.in.ua/(Line 277)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.08953952997848358&r=&u=https%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://sum.in.ua/(Line 277)
Message:
Mixed Content: The page at 'https://sum.in.ua/' was loaded over HTTPS, but requested an insecure script 'http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.08953952997848358&r=&u=https%3A//sum.in.ua/'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://sum.in.ua/(Line 277)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://c.hit.ua/hit?i=80114&g=0&x=3&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.08953952997848358&r=&u=https%3A//sum.in.ua/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.hit.ua
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.i.ua
ib.adnxs.com
pagead2.googlesyndication.com
portal.blau.de
r.i.ua
s0.2mdn.net
sum.in.ua
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
c.hit.ua
104.18.2.81
104.18.36.155
141.101.90.98
142.250.185.66
172.217.16.130
172.217.18.102
185.89.210.180
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a03:2880:f084:105:face:b00c:0:3
62.149.28.40
004c759f44070f0afa5f1470e317216b4e62060583560d4f639e4fd89f1105f6
0928c1fe3640a2dfc8c151d113b795a6cc548f67b99f0c21d830546a2c7bf796
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18a41619ac0b9b7d25741313f55151cf18b28117735027d22ecdcd2b377c768f
1d08ec2e66470de04132279d0bdc9bb597b86b89c13b1c2b399040dcf4b0fa2b
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2b796a0a8456dcd56b90f620696ce13d4ee97406285609624364472816873261
2ee2cb707b2671da8e5181101eba99695a2c00a1d93799543c146e1c15b08f30
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34ad956dd63f1e65b73da067b2a3f64274e3a26b1cf2e4ad508c63139201f2c6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44fb20bc2899c2dcd9df5ff8cb4148c13eed1b9772cf3aea696f0120dea7e4c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
5870b5d6cf1c0f8bd8eb33a6aaa3c5113afba69d2678c58627b802623f9be339
5eeb7260e23e4a593c8f7c9f823356d6229239917178f3d521d2b0c6dc096866
5fe9034500e3d85efef69e1fe5fb0f3113f78d3a9018c90c0f71a1c93c6f64c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6ecb250f9f9a4055cbbb32e710c034c8368fd1b680515b3728261b0615052104
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
751b58768557641052d61a90aa30d9002923d445f033fbe8061d9f8d96256974
854e670e94938c00e9ff31de94af4226efd1f0bd8251bfc410a116e5c289436c
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
9f8e5eb74c80162f2083d5d14fa97f61cdd1199634d2e63297703076185854e3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2b8aa0018121b0c2ff653e3bb03331133333c18e33805a20279e3d95a93e193
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7f6aed9a2e37888c99c97353c3b1997aec04b09d99d670ce1733f300469c774
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd69b8d37ec80714b87dc05a1ad6e4c05f0f0a2bc27ca1f6c956b4950d1c2ada
d4d7b5e70f9a2c43b58bb10a9e4a937b5ba052c125a961eb1705dfe415767b73
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e80ac531fa6258340960260c045823661c8aa8ecdfb035d82d40aa199b385cb3
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f4bb350380f28be7f93b62542f5e2950c62595b490f4f3af266c1729feaa9bb9
f7bfdaf49eb8764a6a79a47c2ddbc5399a7d2f859403a9f0a273bff988d7693a
fc8178f1f9b26cd75c52c2a1d78d6125a80796d8e2df48a2a1ac8f2fcdf751ae
fd977885474a4f6f9e0649a79de98c78663f341ab153cad09eb44524689d0ced