sumypost.com Open in urlscan Pro
2a00:7a60:0:10c0::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sumypost.com/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2021, 8:11:51 am UTC)

Summary HTTP 155 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 23 domains to perform 155 HTTP transactions. The main IP is 2a00:7a60:0:10c0::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is sumypost.com.
TLS certificate: Issued by R3 on July 3rd 2021. Valid for: 3 months.

This is the only time sumypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	2a00:7a60:0:1... 2a00:7a60:0:10c0::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
23	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
6	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
1 13	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
155	30

51 2a00:7a60:0:10c0::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

sumypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.249 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	sumypost.com sumypost.com	2 MB
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	359 KB
26	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	101 KB
8	mathtag.com tags.mathtag.com pixel.mathtag.com	6 KB
7	google.com 1 redirects www.google.com adservice.google.com	2 KB
5	googletagservices.com www.googletagservices.com	175 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	redintelligence.net hal9000.redintelligence.net hal900018.redintelligence.net hal900013.redintelligence.net	8 KB
4	bigmir.net c.bigmir.net i.bigmir.net	1 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	415 KB
3	google.de adservice.google.de www.google.de	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	casalemedia.com 1 redirects ssum-sec.casalemedia.com	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	921 B
2	rlcdn.com 2 redirects id.rlcdn.com	885 B
2	quantserve.com 1 redirects cms.quantserve.com	797 B
2	google-analytics.com www.google-analytics.com	19 KB
2	mycounter.ua get.mycounter.ua	5 KB
1	mookie1.com odr.mookie1.com	324 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	googleapis.com fonts.googleapis.com	771 B
1	googleadservices.com partner.googleadservices.com	657 B
155	23

	Domain	Requested by
51	sumypost.com	sumypost.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net sumypost.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com sumypost.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	sumypost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.google.com	1 redirects sumypost.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
3	i.bigmir.net	sumypost.com
2	e.dlx.addthis.com	2 redirects
2	ssum-sec.casalemedia.com	1 redirects
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	pixel.mathtag.com	tags.mathtag.com
2	hal9000.redintelligence.net	sumypost.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	sumypost.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	get.mycounter.ua	sumypost.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	hal900013.redintelligence.net	hal9000.redintelligence.net
1	hal900018.redintelligence.net	hal9000.redintelligence.net
1	www.google.de	sumypost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	sumypost.com
155	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
sumbud.sumy.ua
www.sanatorij.com.ua
romny24.info
05453.com.ua
shostka.info
hlukhiv.info
educationchildrenmakarenko.sumypost.com
evrobazar.sumypost.com
www.bigmir.net
mycounter.ua

Subject Issuer	Validity	Valid
sumypost.com R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
get.mycounter.ua R3	`2021-07-24` - `2021-10-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
c.bigmir.net R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
img.com.ua R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://sumypost.com/
Frame ID: 04EBF67142F88AFA823535E4B1607382
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Frame ID: 2706D5C22D85EF00C483B559CB0191D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885194&bpp=6&bdt=277&idt=112&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&correlator=8353453686495&frm=20&pv=2&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ES8IxVneum&p=https%3A//sumypost.com&dtd=131
Frame ID: DC63D1136172005BBA028ECDA0714296
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141
Frame ID: A2C9A5CD85F4C2586C6D95D0729A4519
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
Frame ID: AC00FBF39E637E223C02D65C2983CA90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
Frame ID: E952ACC5A5A3CAF47B28C202F6933FCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
Frame ID: E932EFCAEF892537CB4C4E04C5A908E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
Frame ID: 28573B9E725513E42B3BE3B74309AC98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1630483885&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885536&bpp=1&bdt=619&idt=2&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250%2C312x250&nras=1&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13
Frame ID: B7C40D95FC1233AE88CA228C852473BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html
Frame ID: 7BFFD39DD70A2C8932334CB04E10F3AD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9azarTUvYeb4FaGLlQesw7VAtbr7jGDXruiK3g6J1v3fBRABINyvuSxglQKgAdeGs4cDyAEJqQI5Us9lG8yzPqgDAcgDSKoEswFP0CdzdZTEjOX-KNx4X7jSayQJLWs-wwIcxlmRii4JXLDGqv9WtCH9PCPK6KugGwEpfq7tIz3NYle04BYjDnVLTXty0nVvehCGmfqZZzYLdU3LdlKj6dc4PRlmE4MUOEfCKk7iLRlyO4eq3rVI456AV_6zhKloQpN8xX6Vg0UtguoQR1rSKWqlMom8aLwsiaCaUax6fhUWDkmjptHvkfu90wq7LkAV8ueQfjGYLKgwcPUhDsAExZi16fsBkgUECAQYAZIFBAgFGASgBi6AB5H5zHioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKaYB9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=0YmF8y3VJAk&template_id=419
Frame ID: B43F9E15CD8041E5A16C1871213CD39A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3AE3FE75169BCD7A75B46062FE9E42BA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js
Frame ID: 01B7131F457DF8DAB949F2F4E30FDA65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMRkbrjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3DC4efk90iHoZityBL-2PCfRNaABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=H97m_ATSU8A&tpd=AGWhJmvZNzznlL13DIR3-fLlZCTEgtEX5NetOZmpMfGJPbmaUrGJ0KfheVrA03hXKTJJmy6IRn2nXbJDmJgac32rzg4_wh5qSipjIJlUSMB5xFJKZyDA-pdjiav3Gc5bDTlmDiFzKGk3TazdXj-EqlrJYWOlh0GVbTdc8sUdV80hVQNNrNC31p77HSoTov3MkBAbEoZbLNceR3-hxtlYFbEWcENMqEAHKaTewAMm_YJQEShmeuOsszhnm9Ljg3Wg6oNjenZph1GESxPyNvY9mcxhiy3OKf3zy7_6TudRVxoFgcsUA4tGQrk7oSvw_YD2GGS5JFXvCic-bDMaZzkJmeKrIdweA1pUbvGf8SJkun9qGj25bBdya8jAi_569faOJzQujQMwJ-CbfFLt3fLKq-ALUn-H5wYpaP3lJo1-bjTpXEFgyhU5lhEStHn9yN-aPPzOHifJKVlQ4Tp3QzNe3Xc7g--PzVqLuQNFt8Cu8PJQMzVj0X4WXZ1xjnhGVLfCk7nLSkbgwMZE6qDH1QdTt6iZpAeRvbhJBNtKvoUEbIx03hxv5hn6xcbO9t-xw1tnrfngjVsX_IEPo7crucwO7bkAcRYadkIrlczBDW7h0jaTrYsvgtf4JgRmQJ8g6LUBuWlpI2T_Dl6FnPixq0xplwBLRZedzgAMHzQaERiN_fueHqy4kLoFSJ9cdjryt5fSYANRWOsaQW2W2pBpPrDa0nspEyuT7jzg2TnRvhxvn0cOxcaPNWHTKthh8DL5oSZohOxqv7lrRAlt-oPhebib7wXmqSgPv1L0PGECqtnhEZsfuJyJlOfCqbI21GUSVIEW5Ym1_MMapZEY6haFDVbls4xeXUQCLLlJEmAdQIXfaKAgltHnVb-aEkgvgvirk946ABlEhCzUT1ivhjsZZfmsUFmdQnRJXZS2PJ1bLNJ5t0yfsT_LSTqwPnZecOmrXY2tWOypTfCAJj--h6VQLIxr7GiU0zKatz-VUb3fvjAj3zyr4dtolKsmgaIlsxikb0fhjMQvRMTZqU5e5rtYnUvUU_Inm7RQGyHlCAI_5-yOCqtogf0BIwKm7qisGeGnfUnhkprvr1A
Frame ID: 1644761349F5C0B24D6E526811DC3DE4
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C3_WIrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKQBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_ER2x6Mqa49Vhy8fe6ZejjpckKABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=F4dDEiuizog&tpd=AGWhJmtE66v_KzgUfW_tKsntZenJmS6Ac6dvTPEOkSz9yYs7j1Y6ZAHzPKyiGhvyGMueozgXWByhcbhPyp-BEIT1ST2wvC8LmJSeNg28wRl-pGYGfkiLvjDyrJ43PYCMWjXniUcF_bSOmX_D9300uWEJRCIuvrLaOI1FFQQmZn8Wv_Byz8t7t-gs0Nn9aII1wuL3xnq8Z3fbO8r3rmfK1VhF2nmfek97ll07JpYPQX682_DXLESSPY8gBRfCDCXFV3FiLz9E7CNOjWQsbxp1ERAL42vckQ2i5wzBj-_ZZoLTK94dsC63yYL4awP4RkZqucaj-Yi6SgJo9GsatY8vvuJRL31mB1fh2GA-STVIWb8Tu99yMOhzOtQvUFM6irA0oFiyHOqgy7ypGeQUrWdW_q-Umjc7DgEho1NhbQyAOhnC_3lkNREcu_zy3L2jiGZLk6B74aQyjNZjShFjmVt_P2CGIqIztWPnUfx4wxrZEyC0GsCD9LqIGITFoXfYmlW7EnQfOcOMT4Ef-1_m5PVrGUQWqHMhT4PYU6ATQn6wHoyUk_55WDRK_dg_pSZWbeyAR3viTDILpQ4jJJE1ZJ3J-NekxDPDv3cejX87_nd2HYao4pq0T3F-ttmhgq1dFlHXi8Tdt7c9wN8BFOTIKNIrHd-t_wo51mCjY2hOjnbJED_LTRvliUrlLJel4p8N-fgLbAtdy4VEvMJMjvi2fXY0Xap9Qn9BJRS95pV7LUo96NypDxVhdX6xksIVsot6lHa7DSkogDU7S9HzmpHRxf46Dh67uhzJr42nSsfddtkVGvNuU9rPZZyJodtJjWptkFiYqHCDRt9iuH0U6TCeQ3yEuLq7X10hTD8RhOiI-4FJ2OxIvXF5onBHNL2hh8x3pZniF4Ca52Lfwk0xODCch7HLSEVkyWHwyYgyaJr50p6---6BnYASi1z1GlPTkdAppfm986ECKBcMpiOUu9wQtRqao0qZr0CkUd6YfQGpNpv9YfEc5DEGbstgAYvWRx6NA6Dohs2UOgr1nQ_GiSJtxH67Z1Xj0dw6dEQH1YvSuH4hlVi2phdEJEmWs8bgV8HhGahpw-qkfrXT
Frame ID: 98DD4A123F55B912A2BDC034AB3A8466
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5AC1A6C1E34CA70CCDBC6CE3D67B9128
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12298DB3C3AF7A7E3D32C04AD5ADF502
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AA5507CA31781CD067F94BC67B07A59E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3BC085652EAAD1D075D909A32E06620
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Сум - The Sumy Post Новини | The Sumy Post Новини

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

155
Requests

98 %
HTTPS

49 %
IPv6

23
Domains

33
Subdomains

30
IPs

6
Countries

3110 kB
Transfer

4495 kB
Size

0
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sumypost
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_sumy_post
Title:

Search URL Search Domain Scan URL

URL: https://t.me/sumypost
Title:

Search URL Search Domain Scan URL

URL: http://sumbud.sumy.ua/

Search URL Search Domain Scan URL

URL: http://www.sanatorij.com.ua/

Search URL Search Domain Scan URL

URL: https://romny24.info/pidryadnyka-yakyj-remontuvav-vilshansku-shkolu-pidozryuyut-u-prysvoyenni-180-tysyach-byudzhetnyh-koshtiv/
Title: Підрядника, який ремонтував Вільшанську школу, підозрюють у присвоєнні 180 тисяч бюджетних коштів (Ромни 24)

Search URL Search Domain Scan URL

URL: https://05453.com.ua/na-sumshhyni-sud-pokarav-svyashhenyka-upts-mp-za-rozpalyuvannya-religijnoyi-vorozhnechi/
Title: На Сумщині суд покарав священика УПЦ МП за розпалювання релігійної ворожнечі (05453 – Кролевець новини)

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/mynuloyi-doby-u-troh-zhyteliv-shostkynskogo-rajonu-vyyavyly-covid-19/
Title: Минулої доби у трьох жителів Шосткинського району виявили COVID-19 (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/shostkynskyj-tsentr-pto-vidznachaye-50-richnyj-yuvilej/
Title: Шосткинський центр ПТО відзначає 50-річний ювілей (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://romny24.info/u-romnah-tryrichna-divchynka-zachynylasya-v-budynku/
Title: У Ромнах трирічна дівчинка зачинилася в будинку (Ромни 24)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/u-gluhovi-zitknulys-shkilnyj-avtobus-ta-legkovyk/
Title: У Глухові зіткнулись шкільний автобус та легковик (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://romny24.info/pogoda-osin-zayavyt-pro-sebe-vzhe-z-pershyh-dniv-veresnya/
Title: Погода: осінь заявить про себе вже з перших днів вересня (Ромни 24)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/u-parku-shevchenko-na-gluhivchan-chekaye-syurpryz/
Title: У парку Шевченка на глухівчан чекає сюрприз (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/na-sumshhyni-z-prodazhu-vyluchayut-molokovmisnu-produktsiyu-bez-nalezhnogo-markuvannya/
Title: На Сумщині з продажу вилучають молоковмісну продукцію без належного маркування (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/u-selyshhi-voronizh-vidbuvsya-turnir-z-mini-futbolu-v-yakomu-zmagalysya-komandy-yunakiv-ta-divchat-foto/
Title: У селищі Вороніж відбувся турнір з міні-футболу, в якому змагалися команди юнаків та дівчат + Фото (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/sumy-zaproshuyut-na-festyval-nich-mista/
Title: Суми запрошують на фестиваль “Ніч міста” (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://educationchildrenmakarenko.sumypost.com/
Title: Центр розвитку

Search URL Search Domain Scan URL

URL: https://evrobazar.sumypost.com/
Title: Торгово-развлекательный комплекс «Евробазар»

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://mycounter.ua/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 117

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKdeioHP9Z82wHeJ-jFGvpTGj2zaSvXCSuEIWdOtysqckWD_3AkmNN3jSr1I&google_gid=CAESECm5gJstYU3wB25dlO67usY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVM4MXJ3QUFBS2tFQm5XdA&google_push=AYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKdeioHP9Z82wHeJ-jFGvpTGj2zaSvXCSuEIWdOtysqckWD_3AkmNN3jSr1I

Request Chain 118

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLuiugYh6TYENjCMeaO0r7j4MZIjFLsqzHjBy9xP-qP-MfTssFNkXBfaYs7gWR79k_DzlOPr18io7BvQYsbsnjs2idFdMpU&google_gid=CAESEN5ODewkHEE6KECfkniUL9U&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_rvIkGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMdWl1Z1loNlRZRU5qQ01lYU8wcjdqNE1aSWpGTHNxekhqQnk5eFAtcVAtTWZUc3NGTmtYQmZhWXM3Z1dSNzlrX0R6bE9QcjE4aW83QnZRWXNic25qczJpZEZkTXBV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSHR2T3V6MFlaajdPNDZDZ09uSHdkMHpKZndQanNmQ2l1WTVEZW11eV83NA==&google_push

Request Chain 119

https://rtb.openx.net/sync/dds?google_gid=CAESEFn77AuVD6b120bSjCyan38&google_cver=1&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFn77AuVD6b120bSjCyan38&google_cver=1&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

Request Chain 120

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAC46JuEe3l0RrHQ5a2h3gI&google_cver=1&google_push=AYg5qPJYwY3juDfjcEr_IMs2JYHiY3eLjujt1dmQhZ3XbjtoHR3wV8nmcUQp537rg7MjZqq236jYyYvokYZigv9_9tT8oFpaxLdn HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAC46JuEe3l0RrHQ5a2h3gI&google_cver=1&google_push=AYg5qPJYwY3juDfjcEr_IMs2JYHiY3eLjujt1dmQhZ3XbjtoHR3wV8nmcUQp537rg7MjZqq236jYyYvokYZigv9_9tT8oFpaxLdn&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VHmgYXbaQoCfZlIP3U7yaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYwY3juDfjcEr_IMs2JYHiY3eLjujt1dmQhZ3XbjtoHR3wV8nmcUQp537rg7MjZqq236jYyYvokYZigv9_9tT8oFpaxLdn

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI2sYtvU3edjvgz81D93jpo&google_cver=1&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXyep8XCLQs7JZldpw14mG3OxcI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCRjUtMVctMTQySw==&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXyep8XCLQs7JZldpw14mG3OxcI

Request Chain 122

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_cver=1&google_push=AYg5qPKlusbFdpN0DkcD36zpQLyLwiDyWpgR0SbK416NCLgI85RyV0skgoZj6DM2uAFl0Pivf1CTeiwhWKAMEzopx76Zl_bF8tM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_push=AYg5qPKlusbFdpN0DkcD36zpQLyLwiDyWpgR0SbK416NCLgI85RyV0skgoZj6DM2uAFl0Pivf1CTeiwhWKAMEzopx76Zl_bF8tM&s=184023&C=1

Request Chain 126

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExgGQ3oAOoKhIdZkn83t9k&google_cver=1&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlYcgRoYhRW1JkrY_Ig HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlYcgRoYhRW1JkrY_Ig&google_tc=

Request Chain 127

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pKUgjFNU4_KHXd6h-gpleBHJ2y1dXfjibA&google_gid=CAESEHAnEq7SuwLCXLwDf6Qu-K4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pKUgjFNU4_KHXd6h-gpleBHJ2y1dXfjibA&google_gid=CAESEHAnEq7SuwLCXLwDf6Qu-K4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDEwODExMjcwMDAxNTUwNDY5ODEwMw%3D%3D&google_push=AYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pKUgjFNU4_KHXd6h-gpleBHJ2y1dXfjibA

Request Chain 129

https://rtb.openx.net/sync/dds?google_gid=CAESEMx86u1rRbBnui2dx8Mnl9I&google_cver=1&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEMx86u1rRbBnui2dx8Mnl9I&google_cver=1&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

Request Chain 130

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA5rw8Dugtc1UgANmnSu3AY&google_cver=1&google_push=AYg5qPK-gV1KfvG4eHxKHtdMBydlxO4EfGNK36sddeF_vftvV9VnbWGXcJB8JYgogcfClmb0f4pVidZacnQ1VsoXScpuv7C3ExSNhQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA5rw8Dugtc1UgANmnSu3AY&google_cver=1&google_push=AYg5qPK-gV1KfvG4eHxKHtdMBydlxO4EfGNK36sddeF_vftvV9VnbWGXcJB8JYgogcfClmb0f4pVidZacnQ1VsoXScpuv7C3ExSNhQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnsSM5OpTqWx3uSy01b2YA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-gV1KfvG4eHxKHtdMBydlxO4EfGNK36sddeF_vftvV9VnbWGXcJB8JYgogcfClmb0f4pVidZacnQ1VsoXScpuv7C3ExSNhQ

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOHk3vplKLiKFy6LuSK5uIQ&google_cver=1&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxVLxWenhunzGgR37tRsz_I2PGne HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCR0ctMUEtRlFVQg==&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxVLxWenhunzGgR37tRsz_I2PGne

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELlhMEBqr-WXEabla8jtsJI&google_cver=1&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI

155 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sumypost.com/ 109 KB
26 KB 201ms
109ms Document
text/html 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 35a798ccd5769ffd1d12996c54656345d3f5ad5639f3f5b090442dee335684e4

Request headers

:method: GET
:authority: sumypost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Wed, 01 Sep 2021 08:11:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
wp-super-cache: Served supercache file from PHP
x-ray: p17866:0.080/wn688:0.050/wa688:D=57148
x-page-speed: on
cache-control: max-age=0, no-cache
content-encoding: gzip

GET
H2 200 style.min.css
sumypost.com/wp-content/themes/portal-base/css/ 74 KB
17 KB 50ms
48ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d85112d14c6fac3e461e6c2aafcf58316e996a380ad30215777cd8760521673b

Request headers

:path: /wp-content/themes/portal-base/css/style.min.css?ver=1562154777
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.012/wn688:0.000/
content-encoding: gzip
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: W/"5d1c9719-126d2"
content-type: text/css
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:24 GMT
expires: Wed, 08 Sep 2021 08:11:24 GMT

GET
H2 200 A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
sumypost.com/wp-includes/css/ 46 KB
28 KB 67ms
65ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes/css/A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58

Request headers

:path: /wp-includes/css/A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.012/p17866:0.001/wn688:0.000/
content-encoding: gzip
x-original-content-length: 47558
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:24 GMT
last-modified: Wed, 01 Sep 2021 07:11:59 GMT
accept-ranges: bytes
content-length: 28413
expires: Thu, 01 Sep 2022 07:11:59 GMT

GET
H2 200 A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
sumypost.com/wp-content/plugins/theme-my-login/ 3 KB
1 KB 66ms
64ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/theme-my-login/A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: edfe76acca4890e0a8208bebc32efce37ad25ac68518fef50db520474294bcbf

Request headers

:path: /wp-content/plugins/theme-my-login/A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.012/p17866:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 3447
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:24 GMT
last-modified: Wed, 01 Sep 2021 07:11:59 GMT
accept-ranges: bytes
content-length: 917
expires: Thu, 01 Sep 2022 07:11:59 GMT

GET
H2 200 A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
sumypost.com/wp-content/plugins/contact-form-7/includes/css/ 1 KB
889 B 67ms
65ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/contact-form-7/includes/css/A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 441783bfcddf048111ca318b61c3e1441c4e78c6803ec8ebd4d991d7163a54e0

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.012/p17866:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 1606
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:24 GMT
last-modified: Wed, 01 Sep 2021 07:17:58 GMT
accept-ranges: bytes
content-length: 595
expires: Thu, 01 Sep 2022 07:17:58 GMT

GET
H2 200 style.min.css
sumypost.com/wp-content/themes/pt-sumy/css/ 4 KB
2 KB 65ms
64ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/pt-sumy/css/style.min.css?ver=2.3
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d21022fedae715e019b0827c3923e0a92f750b2ea36b249933632a921b1e8d2e

Request headers

:path: /wp-content/themes/pt-sumy/css/style.min.css?ver=2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.012/wn688:0.000/
content-encoding: gzip
last-modified: Mon, 22 Apr 2019 07:06:25 GMT
server: nginx
etag: W/"5cbd67f1-f76"
content-type: text/css
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:24 GMT
expires: Wed, 08 Sep 2021 08:11:24 GMT

GET
H2 200 A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
sumypost.com/wp-content/themes/portal-base/css/ 30 KB
7 KB 66ms
64ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 68f11ecbc8e56ff531e130db65cf00ab6a81b1706cf2aa3eaffee237b8b8e9c9

Request headers

:path: /wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.012/p17866:0.011/wn688:0.000/
content-encoding: gzip
x-original-content-length: 31000
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:24 GMT
last-modified: Wed, 01 Sep 2021 07:11:59 GMT
accept-ranges: bytes
content-length: 6823
expires: Thu, 01 Sep 2022 07:11:59 GMT

GET
H2 200 jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js Show response
sumypost.com/wp-includes/js/jquery/ 95 KB
33 KB 66ms
64ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

:path: /wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.012/p17866:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 96873
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:24 GMT
last-modified: Wed, 01 Sep 2021 07:17:58 GMT
accept-ranges: bytes
content-length: 33683
expires: Thu, 01 Sep 2022 07:17:58 GMT

GET
H2 200 wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_... Show response
sumypost.com/ 35 KB
12 KB 65ms
64ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_load_ajax.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_sticky-kit.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_jquery-ias.min.js,qver==1.0.pagespeed.jc.x5bImhIP3A.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01c87d6dbb55518c114e983b3d4a8631072905893a45cffc9afd68db8b5fd180

Request headers

:path: /wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_load_ajax.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_sticky-kit.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_jquery-ias.min.js,qver==1.0.pagespeed.jc.x5bImhIP3A.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
date: Wed, 01 Sep 2021 08:11:24 GMT
content-encoding: gzip
x-original-content-length: 35137
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
x-ray: p17866:0.012/
cache-control: max-age=31536000
last-modified: Wed, 01 Sep 2021 07:17:58 GMT
accept-ranges: bytes
content-length: 12135
expires: Thu, 01 Sep 2022 07:17:58 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
658 B 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=uk&ver=5.2.2

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ade296987f827851d0d672ef8c154b733101b6b934b591947892c1020ab5855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Wed, 01 Sep 2021 08:11:24 GMT

GET
H2 200 name_u.png
sumypost.com/wp-content/themes/pt-sumy/img/ 3 KB
3 KB 40ms
38ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/pt-sumy/img/name_u.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b67c782b336105a0cf78c06d5ee73c1a14c38062d06ef3d31beeb5b9ea624024

Request headers

:path: /wp-content/themes/pt-sumy/img/name_u.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Mon, 22 Apr 2019 07:06:28 GMT
server: nginx
etag: "5cbd67f4-bb5"
content-type: image/png
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 2997
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 1.JiBnMqyl6S.gif
sumypost.com/pagespeed_static/ 53 B
266 B 38ms
36ms Image
image/gif 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumypost.com/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),

Reverse DNS

Software

nginx /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /pagespeed_static/1.JiBnMqyl6S.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 08:11:25 GMT
server: nginx
date: Wed, 01 Sep 2021 08:11:25 GMT
content-type: image/gif
cache-control: max-age=604800
etag: W/"0"
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 54ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de5a9a5e834a368b912b4a2c8bd27e1c684fe8134f294c2bd6a058f48b0fd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49572
x-xss-protection: 0
server: cafe
etag: 17791414395714013680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 08:11:25 GMT

GET
H2 200 sanatorium-sb-2m.gif
sumypost.com/media/ 173 KB
174 KB 42ms
40ms Image
image/gif 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/media/sanatorium-sb-2m.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 999cde936420491d96d2213f62f5b14d7fd930102980566ba4c43abba331393f

Request headers

:path: /media/sanatorium-sb-2m.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Fri, 30 Apr 2021 18:41:05 GMT
server: nginx
etag: "608c4f41-2b427"
content-type: image/gif
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 177191
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 ua_312x180.jpg
sumypost.com/wp-content/themes/PortalTown/img/ 9 KB
9 KB 39ms
38ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/PortalTown/img/ua_312x180.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d179df34c1ba991ee5d52b240df6d74b9542da5c8c26c4964f9e4cfe0c1f43b8

Request headers

:path: /wp-content/themes/PortalTown/img/ua_312x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Sat, 09 Mar 2019 21:20:08 GMT
server: nginx
etag: "5c842e08-227f"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 8831
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 forward-100.png
sumypost.com/wp-content/themes/portal-base/img/ 282 B
498 B 40ms
39ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/forward-100.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8cadae5225b49124780184bf43516e483ac517c05151c872fd9dd6bb5d459afd

Request headers

:path: /wp-content/themes/portal-base/img/forward-100.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-11a"
content-type: image/png
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 282
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H/1.1 200
OK counter2.0.js Show response
get.mycounter.ua/ 4 KB
4 KB 158ms
47ms Script
application/javascript 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.mycounter.ua/counter2.0.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: get.mycounter.ua
Software: nginx/1.14.2 /
Resource Hash: 266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:25 GMT
Last-Modified: Mon, 11 Jan 2021 22:30:07 GMT
Server: nginx/1.14.2
ETag: "5ffcd16f-e45"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3653
Expires: Wed, 01 Sep 2021 09:11:25 GMT

GET
H2 200 flexmenu.min.js Show response
sumypost.com/wp-content/themes/portal-base/js/ 2 KB
1 KB 36ms
36ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/js/flexmenu.min.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 268d4ee9f8e316f07f185acd7b3ce896ae73437a8aceb8e516fad7c1b405e72b

Request headers

:path: /wp-content/themes/portal-base/js/flexmenu.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
content-encoding: gzip
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: W/"5d1c9719-8dd"
content-type: application/javascript
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 footer_sc.min.js Show response
sumypost.com/wp-content/themes/portal-base/js/ 2 KB
2 KB 39ms
37ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/js/footer_sc.min.js?ver=1562154777
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2fc4cc1bfc175be0c3a822a4fa2c3dfe2b83c900b80171deca4441ff5a5769a5

Request headers

:path: /wp-content/themes/portal-base/js/footer_sc.min.js?ver=1562154777
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-620"
content-type: application/javascript
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 1568
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js Show response
sumypost.com/wp-content/plugins/contact-form-7/includes/js/ 15 KB
6 KB 42ms
40ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e46813172e9fa6ada136f50d2bea0b539e249f3e14b537447b61c43076dee74

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.000/p17866:0.001/wn688:0.000/
content-encoding: gzip
x-original-content-length: 15248
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:25 GMT
last-modified: Tue, 31 Aug 2021 18:47:52 GMT
accept-ranges: bytes
content-length: 5657
expires: Wed, 31 Aug 2022 18:47:52 GMT

GET
H2 200 wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js Show response
sumypost.com/ 12 KB
4 KB 41ms
39ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a7dff3d19d46ecb27a23dbb25eb379ad20b6107122a629613b299a3a9997700f

Request headers

:path: /wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-page-speed: on
x-ray: p17866:0.000/p17866:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 15079
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 01 Sep 2021 08:11:25 GMT
last-modified: Tue, 31 Aug 2021 17:20:41 GMT
accept-ranges: bytes
content-length: 3873
expires: Wed, 31 Aug 2022 17:20:41 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ 373 KB
373 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=uk&ver=5.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ff4b8009739c93c977ebd2d53c78d5685315763f0a5e3ff816439075163cfc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sumypost.com
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:45:34 GMT
x-content-type-options: nosniff
age: 545151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 381676
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 00:45:34 GMT

GET
H2 200 fontawesome-webfont.woff2
sumypost.com/wp-content/themes/portal-base/fonts/ 75 KB
76 KB 49ms
47ms Font
font/woff2 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/portal-base/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-12d68"
content-type: font/woff2
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 77160
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 roboto.woff
sumypost.com/wp-content/themes/portal-base/fonts/roboto/ 25 KB
26 KB 48ms
47ms Font
font/woff 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/roboto/roboto.woff
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 230226211b6fa75f73a7257ef16ffa5904523b30e32e7aae949790ae288a4dc0

Request headers

:path: /wp-content/themes/portal-base/fonts/roboto/roboto.woff
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-65f8"
content-type: font/woff
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 26104
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 ptserif.woff2
sumypost.com/wp-content/themes/portal-base/fonts/ptserif/ 31 KB
31 KB 48ms
47ms Font
font/woff2 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/ptserif/ptserif.woff2
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 91b3409ecfc085b8c41bda8854235cbbd2c67286f2a650f92f2ed0979914e23b

Request headers

:path: /wp-content/themes/portal-base/fonts/ptserif/ptserif.woff2
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-7adc"
content-type: font/woff2
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 31452
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 robotobold.woff
sumypost.com/wp-content/themes/portal-base/fonts/roboto/ 24 KB
24 KB 48ms
47ms Font
font/woff 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/roboto/robotobold.woff
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ebf244a66931bb750c0eed9f5d90f7708abdadc364bbef7df8a4049c0a26c2b4

Request headers

:path: /wp-content/themes/portal-base/fonts/roboto/robotobold.woff
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-6094"
content-type: font/woff
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 24724
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 m-cat-item.png
sumypost.com/wp-content/themes/portal-base/img/ 5 KB
6 KB 36ms
36ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/m-cat-item.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4f3e758eee93b746eb32f72127664b6bb6de1465f28eb6d32600ab2b3071c500

Request headers

:path: /wp-content/themes/portal-base/img/m-cat-item.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-1598"
content-type: image/png
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 5528
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 1-315x247.jpg
sumypost.com/wp-content/uploads/2021/09/ 11 KB
11 KB 37ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/09/1-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cd0f00b995a871f7f74a6db569389fddcc5f86d7262b3d87ae6db23ea4e10df2

Request headers

:path: /wp-content/uploads/2021/09/1-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Tue, 31 Aug 2021 16:59:28 GMT
server: nginx
etag: "612e5ff0-2b88"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 11144
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 kurs-1-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 15 KB
15 KB 37ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/kurs-1-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 45d593abb885947835bb1470c323f26e716d3bc2c9862c5192680863c5013ffc

Request headers

:path: /wp-content/uploads/2021/08/kurs-1-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 25 Aug 2021 17:19:10 GMT
server: nginx
etag: "61267b8e-3b2e"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 15150
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 photo_2021-03-12_09-54-42.jpg
sumypost.com/wp-content/uploads/2021/03/ 107 KB
108 KB 38ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/photo_2021-03-12_09-54-42.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7ecf284e717e15fb163e7c0bd1a0c014dfee68c084f86dbc6399db492e08af37

Request headers

:path: /wp-content/uploads/2021/03/photo_2021-03-12_09-54-42.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Fri, 12 Mar 2021 07:58:37 GMT
server: nginx
etag: "604b1f2d-1ad6f"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 109935
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 96d119d7ab8174b5-315x247.jpg
sumypost.com/wp-content/uploads/2021/02/ 18 KB
18 KB 40ms
39ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/02/96d119d7ab8174b5-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 85733c65ff54b0c6db912db3d892e2a1d35b21506d2894054fcdac6079e2faec

Request headers

:path: /wp-content/uploads/2021/02/96d119d7ab8174b5-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Sun, 28 Feb 2021 08:18:51 GMT
server: nginx
etag: "603b51eb-486a"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 18538
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 20210901_093027-696x464-315x247.jpg
sumypost.com/wp-content/uploads/2021/09/ 15 KB
15 KB 40ms
40ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/09/20210901_093027-696x464-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9b620f4e62cb37fd952bc0520cd4cccf92aaf7833a96757b265c97f68ee32fe3

Request headers

:path: /wp-content/uploads/2021/09/20210901_093027-696x464-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 01 Sep 2021 06:54:13 GMT
server: nginx
etag: "612f2395-3c14"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 15380
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 6D3A6658-315x247.jpg
sumypost.com/wp-content/uploads/2021/09/ 26 KB
26 KB 42ms
41ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/09/6D3A6658-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e7aab4597a408b3d42bc60d227ef975beb946a7ab44d2f1a4ab2156c3153e21a

Request headers

:path: /wp-content/uploads/2021/09/6D3A6658-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 01 Sep 2021 05:25:38 GMT
server: nginx
etag: "612f0ed2-677c"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 26492
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 sud-2-1-315x247.jpg
sumypost.com/wp-content/uploads/2020/09/ 11 KB
11 KB 40ms
40ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2020/09/sud-2-1-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a9b2a92f59a0b0e17e3c8c2417f4ac06795ecbdc3975dcc3aa1f10735f36cde8

Request headers

:path: /wp-content/uploads/2020/09/sud-2-1-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 30 Sep 2020 15:18:18 GMT
server: nginx
etag: "5f74a1ba-2c71"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 11377
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 1-52-312x190.jpg
sumypost.com/wp-content/uploads/2020/01/ 15 KB
16 KB 38ms
38ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2020/01/1-52-312x190.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a6ba6fba1112b7017688440cc23b9b440937c1b20a304206cb45b5ab9aecc253

Request headers

:path: /wp-content/uploads/2020/01/1-52-312x190.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Thu, 23 Jan 2020 14:39:10 GMT
server: nginx
etag: "5e29b00e-3d68"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 15720
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H2 200 vystavka-sobak-161018.jpg
sumypost.com/wp-content/uploads/2019/08/ 766 KB
768 KB 41ms
40ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2019/08/vystavka-sobak-161018.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b01c57672a97af773365e6b21739358b8beb67b64e0dee8da14ee2da87af40e4

Request headers

:path: /wp-content/uploads/2019/08/vystavka-sobak-161018.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Fri, 30 Aug 2019 17:25:10 GMT
server: nginx
etag: "5d695bf6-bf871"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 784497
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ 250 KB
93 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9663262642527369&plah=sumypost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95226
x-xss-protection: 0
server: cafe
etag: 17201458395757084847
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 08:11:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame 2706 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210830/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Aug 2021 23:25:20 GMT
expires: Tue, 14 Sep 2021 23:25:20 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 31565
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 247ms
58ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16935761&s16936220&t0&c1&n712212&w0&y0&d24&r1600
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: cb427c8501c783235f7698e3cb8d6d5387b89f5481a5cd049e2c6d6e33b21af1

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 08:11:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
657 B 927ms
65ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sumypost.com&callback=_gfp_s_&client=ca-pub-9663262642527369

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9663262642527369&plah=sumypost.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3d0428a6ace354cd2b85e081826ae5998db9a6e91d6fa4073083e4b881c7256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC63 85 KB
29 KB 596ms
596ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885194&bpp=6&bdt=277&idt=112&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&correlator=8353453686495&frm=20&pv=2&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ES8IxVneum&p=https%3A//sumypost.com&dtd=131

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9425047096ffcaec01a3708c69683cda8632cae999868747259a4bc7c1e30cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885194&bpp=6&bdt=277&idt=112&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&correlator=8353453686495&frm=20&pv=2&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ES8IxVneum&p=https%3A//sumypost.com&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 08:11:25 GMT
server: cafe
content-length: 29410
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 08:26:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:25 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2C9 134 KB
41 KB 516ms
516ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84250e907a5c5a4166aa4840033f1f4dc55ea40787a477d5b5125395abff8a90

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKaDsuap3fICFaFF5QodrGENCA&gqi=rTUvYaa9FdnV7_UPx42biAM&layout=/sadbundle/%24csp%253Der3%24/2780012909176580331/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKaDsuap3fICFaFF5QodrGENCA&gqi=rTUvYaa9FdnV7_UPx42biAM&layout=/sadbundle/%24csp%253Der3%24/2780012909176580331/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 08:11:25 GMT
server: cafe
content-length: 42368
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 08:26:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:25 GMT
cache-control: private

GET ads
googleads.g.doubleclick.net/pagead/ Frame AC00 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame E952 0
0

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 745 B
968 B 62ms
61ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164155&w=https%3A//sumypost.com/&s=1600x1200x24&c=1&j=7&gmt=1&dst=1
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 4d4bd42a3a5af9e0e1539e9046fc1bfd62720f2e9389ac40da5f4d1424f5578d

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:11:25 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 745
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4765
date: Wed, 01 Sep 2021 06:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 08:52:00 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 741ms
62ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Sat, 04 Sep 2021 08:11:26 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 741ms
62ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Sat, 04 Sep 2021 08:11:26 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 741ms
62ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Sat, 04 Sep 2021 08:11:26 GMT

GET
H2 200 telegram.png
sumypost.com/wp-content/themes/portal-base/img/ 4 KB
5 KB 49ms
49ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/telegram.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4fc26497d5f5db568e1a2f6248088e258fdd2b7641aaf932c55cec97602bb245

Request headers

:path: /wp-content/themes/portal-base/img/telegram.png
pragma: no-cache
cookie: b=b; s=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.013/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-1167"
content-type: image/png
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:25 GMT
accept-ranges: bytes
content-length: 4455
expires: Wed, 08 Sep 2021 08:11:25 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E932 27 KB
11 KB 686ms
686ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Requested by

Host: sumypost.com
URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d16e495895c5b485f0b7b0a1d19cb4ef22394aca9d308af88c7be73a95f75a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 08:11:26 GMT
server: cafe
content-length: 11554
x-xss-protection: 0
set-cookie: IDE=AHWqTUkrUzeSjTTesCAlOc3-oKC3uzqJ8TKyPh8HKKBM2KFQkABk151MKNWTrkZv1DA; expires=Mon, 26-Sep-2022 08:11:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:26 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2857 27 KB
11 KB 561ms
561ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155

Requested by

Host: sumypost.com
URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c757eeca8a04ace037aabb99efb8cad0807f4761c94c8dd2134ad61640cb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 01 Sep 2021 08:11:26 GMT
server: cafe
content-length: 11592
x-xss-protection: 0
set-cookie: IDE=AHWqTUmgL6izv2qleOaVghQ94uO7roSf4jNCY1nJpedERoXmUow2IxS5M8NP8mzD86M; expires=Mon, 26-Sep-2022 08:11:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:26 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 08:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7C4 0
20 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1630483885&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885536&bpp=1&bdt=619&idt=2&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250%2C312x250&nras=1&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1630483885&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885536&bpp=1&bdt=619&idt=2&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250%2C312x250&nras=1&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 08:11:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkhElGRsDYIPVrWe48Skb0nZUGOciKUAB0TMGc5_4OLYZpp2uPVlfn_EKOr; expires=Mon, 26-Sep-2022 08:11:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:26 GMT
cache-control: private

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A2C9 67 B
550 B 42ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 31 Aug 2021 18:28:17 GMT
x-content-type-options: nosniff
server: cafe
age: 49389
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 01 Sep 2021 18:28:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC63 6 KB
771 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885194&bpp=6&bdt=277&idt=112&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&correlator=8353453686495&frm=20&pv=2&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ES8IxVneum&p=https%3A//sumypost.com&dtd=131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 07:32:05 GMT
server: ESF
date: Wed, 01 Sep 2021 08:11:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DC63 1 KB
1010 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:08:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame DC63 18 KB
7 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:11:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DC63 2 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:08:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC63 122 KB
37 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DC63 14 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:07:19 GMT

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame DC63 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 16:33:03 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2095080406&t=pageview&_s=1&dl=https%3A%2F%2Fsumypost.com%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A1%D1%83%D0%BC%20-%20The%20Sumy%20Post%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%7C%20The%20Sumy%20Post%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1390841339&gjid=1326891072&cid=18409832.1630483885&tid=UA-55063711-1&_gid=1067179103.1630483886&_r=1&_slc=1&z=1491325732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sumypost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DC63 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/ Frame 7BFF 81 KB
18 KB 9ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b65b70b1212961ac35c7cd7e69efda8cb5f3943821f9e36731359ba4df2fa07

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2780012909176580331/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 28 Aug 2021 13:41:16 GMT
expires: Sun, 28 Aug 2022 13:41:16 GMT
last-modified: Sun, 18 Jul 2021 19:56:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 18505
age: 325810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B43F 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9azarTUvYeb4FaGLlQesw7VAtbr7jGDXruiK3g6J1v3fBRABINyvuSxglQKgAdeGs4cDyAEJqQI5Us9lG8yzPqgDAcgDSKoEswFP0CdzdZTEjOX-KNx4X7jSayQJLWs-wwIcxlmRii4JXLDGqv9WtCH9PCPK6KugGwEpfq7tIz3NYle04BYjDnVLTXty0nVvehCGmfqZZzYLdU3LdlKj6dc4PRlmE4MUOEfCKk7iLRlyO4eq3rVI456AV_6zhKloQpN8xX6Vg0UtguoQR1rSKWqlMom8aLwsiaCaUax6fhUWDkmjptHvkfu90wq7LkAV8ueQfjGYLKgwcPUhDsAExZi16fsBkgUECAQYAZIFBAgFGASgBi6AB5H5zHioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKaYB9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=0YmF8y3VJAk&template_id=419

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame B43F 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:11:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame B43F 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:08:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B43F 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame B43F 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:07:19 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC63 0
0 23ms
17ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaubqrTUvYa_iFIPk7_UP-faV2AmQu4T9Y8uU8LjKDr_hHhABINyvuSxglQKgAcevnN0DyAEJqQIFOO1Bms2zPqgDAcgDywSqBKkBT9CbnEzBeRJODg2QGg94TsGTur857pU0Tje0n5JvmRf2mrEYy30PhvNqxhdHuvE4tT1XV9XFt4BDp4ey7vD_j83dSrnm5wto6TRB5Y3sL7IKsepxiRii3vg6mGDMKlOebldgrBogKSmPbKwfNV3yAwXlNSiAEAHDRqOJFaAuL_nYFHApGioPVWqI-2IA2_IWe_EkcsvoJ2IL_ZjL4HapUx0ieetRGLKqb8AE2JnZh8MCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6HQ4yKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEKnyC9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=IlscCoklbwI&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885194&bpp=6&bdt=277&idt=112&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&correlator=8353453686495&frm=20&pv=2&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ES8IxVneum&p=https%3A//sumypost.com&dtd=131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-55063711-1&cid=18409832.1630483885&jid=1390841339&gjid=1326891072&_gid=1067179103.1630483886&_u=IAhAAEAAAAAAAC~&z=1324676005

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 08:11:26 GMT
content-type: text/plain
access-control-allow-origin: https://sumypost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AE3 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhElGRsDYIPVrWe48Skb0nZUGOciKUAB0TMGc5_4OLYZpp2uPVlfn_EKOr
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=1435561984&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885203&bpp=1&bdt=286&idt=136&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZBbbw94fkp&p=https%3A//sumypost.com&dtd=141

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 01 Sep 2021 07:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7833109229940213301/ Frame DC63 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7833109229940213301/downsize_200k_v1?w=200&h=200

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aee3000e488f52ce882f5d920a732ec7ca99e21c229dac93050cd4bdb66af69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 22:01:02 GMT
x-content-type-options: nosniff
age: 295824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2521
x-xss-protection: 0
last-modified: Mon, 13 Jan 2020 08:12:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 22:01:02 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5773881844308305359/ Frame DC63 23 KB
23 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5773881844308305359/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f4c164e0fab0d19e96a2485ccd17aad40c5419b56ca4da18d2da8ca94ca98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:09:21 GMT
x-content-type-options: nosniff
age: 345725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23683
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 08:05:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:09:21 GMT

GET
DATA 200
OK truncated
/ Frame DC63 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 804ee71e54762c10c5e5fe96a6be600358696a1fd1b5fc63edf3cf7afad391ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DC63 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options: nosniff
age: 435161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:18:45 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DC63 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:32:47 GMT
x-content-type-options: nosniff
age: 315519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:32:47 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-55063711-1&cid=18409832.1630483885&jid=1390841339&_u=IAhAAEAAAAAAAC~&z=1699302601

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-55063711-1&cid=18409832.1630483885&jid=1390841339&_u=IAhAAEAAAAAAAC~&z=1699302601

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B43F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e71cfe677facfddffe82e94a45b0f2d3087d9fc2d73348a384ce0113da90d80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7BFF 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 14:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 01 Sep 2021 14:07:09 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7BFF 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 01 Sep 2021 20:35:29 GMT

GET
H2 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 01B7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 07:31:24 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AE3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
177 B

38ms
38ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 08:11:26 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 01-Sep-2021 09:11:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 01 Sep 2021 08:11:26 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 01 Sep 2021 08:11:26 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BFF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 07:31:24 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/ Frame 7BFF 995 B
1021 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/cta.png

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba995d7e711d269f3ecf5933a6522b7a47060a01180494f7f31ea2a45942838

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 401260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 19:56:08 GMT
server: sffe
date: Fri, 27 Aug 2021 16:43:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 16:43:46 GMT

GET
H3-29 200 text-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/ Frame 7BFF 12 KB
12 KB 9ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/text-1.png

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f112cd7be7bb55857662ec56172772d6993b50291d6cf0a9baabd8de061e40b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 312755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12434
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 19:56:08 GMT
server: sffe
date: Sat, 28 Aug 2021 17:18:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 17:18:51 GMT

GET
H3-29 200 produkte.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/ Frame 7BFF 9 KB
9 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/produkte.png

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea8680dd9e136d710fea4196a4f575a9d05c7cb2d3af64db70ebcb6d1cd0608

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 428726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8863
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 19:56:08 GMT
server: sffe
date: Fri, 27 Aug 2021 09:06:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 09:06:00 GMT

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/ Frame 7BFF 28 KB
28 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2780012909176580331/bg.jpg

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ad6909a6f063ffadeaf4b9758b769bc0cc2586f3cbe3c7bed97e4312c7d1799

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28768
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 19:56:08 GMT
server: sffe
date: Tue, 31 Aug 2021 15:13:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 15:13:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1644 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMRkbrjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3DC4efk90iHoZityBL-2PCfRNaABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=H97m_ATSU8A&tpd=AGWhJmvZNzznlL13DIR3-fLlZCTEgtEX5NetOZmpMfGJPbmaUrGJ0KfheVrA03hXKTJJmy6IRn2nXbJDmJgac32rzg4_wh5qSipjIJlUSMB5xFJKZyDA-pdjiav3Gc5bDTlmDiFzKGk3TazdXj-EqlrJYWOlh0GVbTdc8sUdV80hVQNNrNC31p77HSoTov3MkBAbEoZbLNceR3-hxtlYFbEWcENMqEAHKaTewAMm_YJQEShmeuOsszhnm9Ljg3Wg6oNjenZph1GESxPyNvY9mcxhiy3OKf3zy7_6TudRVxoFgcsUA4tGQrk7oSvw_YD2GGS5JFXvCic-bDMaZzkJmeKrIdweA1pUbvGf8SJkun9qGj25bBdya8jAi_569faOJzQujQMwJ-CbfFLt3fLKq-ALUn-H5wYpaP3lJo1-bjTpXEFgyhU5lhEStHn9yN-aPPzOHifJKVlQ4Tp3QzNe3Xc7g--PzVqLuQNFt8Cu8PJQMzVj0X4WXZ1xjnhGVLfCk7nLSkbgwMZE6qDH1QdTt6iZpAeRvbhJBNtKvoUEbIx03hxv5hn6xcbO9t-xw1tnrfngjVsX_IEPo7crucwO7bkAcRYadkIrlczBDW7h0jaTrYsvgtf4JgRmQJ8g6LUBuWlpI2T_Dl6FnPixq0xplwBLRZedzgAMHzQaERiN_fueHqy4kLoFSJ9cdjryt5fSYANRWOsaQW2W2pBpPrDa0nspEyuT7jzg2TnRvhxvn0cOxcaPNWHTKthh8DL5oSZohOxqv7lrRAlt-oPhebib7wXmqSgPv1L0PGECqtnhEZsfuJyJlOfCqbI21GUSVIEW5Ym1_MMapZEY6haFDVbls4xeXUQCLLlJEmAdQIXfaKAgltHnVb-aEkgvgvirk946ABlEhCzUT1ivhjsZZfmsUFmdQnRJXZS2PJ1bLNJ5t0yfsT_LSTqwPnZecOmrXY2tWOypTfCAJj--h6VQLIxr7GiU0zKatz-VUb3fvjAj3zyr4dtolKsmgaIlsxikb0fhjMQvRMTZqU5e5rtYnUvUU_Inm7RQGyHlCAI_5-yOCqtogf0BIwKm7qisGeGnfUnhkprvr1A

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1644 2 KB
2 KB 209ms
83ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSbFpUWTFZakF0TkRoallTMWxZVFEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1OTE2MTM4MjU5MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWmRBNEc4WnZzb0hNX1poWEg4TTF0by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTkxNjEzODI1OTE2L3pyaC8wLzIyMS80Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYzMDQ4Mzg4Ni8xNjMwNDk2NDg2LzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/zc7Ld12IubXu2hOj_VrhI71NU9Y&nodeid=1627&group=eu&auctionid=6193006591613825916&shardkey=6193006591613825916&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%26client%3Dca-pub-9663262642527369%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 3a5b681839a8ae8c14be05dd98f273a9f9abc5cec69cc008da69e486146a2c09

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:26 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1630483886
Last-Modified: Wed, 01 Sep 2021 08:11:26 GMT
Server: MMBD/3.204.0
x-mm-latency: 29 (12)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x85, zrh-bidder-x138
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 01 Sep 2021 08:11:25 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 1644 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:08:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1644 122 KB
37 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 1644 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:07:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1644 0
0 14ms
13ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA98Zk6ukPb0F-EBGsPFy4bwGB5TQYiyd978BHavrN0buAgFNLtu4aHpuqLJLMqRvxiVpSwtwxOLYd3GbcDh09kH8ufw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98DD 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3_WIrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKQBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_ER2x6Mqa49Vhy8fe6ZejjpckKABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NjYzMjYyNjQyNTI3MzY5GAA&sigh=F4dDEiuizog&tpd=AGWhJmtE66v_KzgUfW_tKsntZenJmS6Ac6dvTPEOkSz9yYs7j1Y6ZAHzPKyiGhvyGMueozgXWByhcbhPyp-BEIT1ST2wvC8LmJSeNg28wRl-pGYGfkiLvjDyrJ43PYCMWjXniUcF_bSOmX_D9300uWEJRCIuvrLaOI1FFQQmZn8Wv_Byz8t7t-gs0Nn9aII1wuL3xnq8Z3fbO8r3rmfK1VhF2nmfek97ll07JpYPQX682_DXLESSPY8gBRfCDCXFV3FiLz9E7CNOjWQsbxp1ERAL42vckQ2i5wzBj-_ZZoLTK94dsC63yYL4awP4RkZqucaj-Yi6SgJo9GsatY8vvuJRL31mB1fh2GA-STVIWb8Tu99yMOhzOtQvUFM6irA0oFiyHOqgy7ypGeQUrWdW_q-Umjc7DgEho1NhbQyAOhnC_3lkNREcu_zy3L2jiGZLk6B74aQyjNZjShFjmVt_P2CGIqIztWPnUfx4wxrZEyC0GsCD9LqIGITFoXfYmlW7EnQfOcOMT4Ef-1_m5PVrGUQWqHMhT4PYU6ATQn6wHoyUk_55WDRK_dg_pSZWbeyAR3viTDILpQ4jJJE1ZJ3J-NekxDPDv3cejX87_nd2HYao4pq0T3F-ttmhgq1dFlHXi8Tdt7c9wN8BFOTIKNIrHd-t_wo51mCjY2hOjnbJED_LTRvliUrlLJel4p8N-fgLbAtdy4VEvMJMjvi2fXY0Xap9Qn9BJRS95pV7LUo96NypDxVhdX6xksIVsot6lHa7DSkogDU7S9HzmpHRxf46Dh67uhzJr42nSsfddtkVGvNuU9rPZZyJodtJjWptkFiYqHCDRt9iuH0U6TCeQ3yEuLq7X10hTD8RhOiI-4FJ2OxIvXF5onBHNL2hh8x3pZniF4Ca52Lfwk0xODCch7HLSEVkyWHwyYgyaJr50p6---6BnYASi1z1GlPTkdAppfm986ECKBcMpiOUu9wQtRqao0qZr0CkUd6YfQGpNpv9YfEc5DEGbstgAYvWRx6NA6Dohs2UOgr1nQ_GiSJtxH67Z1Xj0dw6dEQH1YvSuH4hlVi2phdEJEmWs8bgV8HhGahpw-qkfrXT

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Sep 2021 08:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 98DD 2 KB
2 KB 170ms
58ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpnNE1HWmlaV010TVRZNE5TMWtaVEE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1ODgzOTI0MTM3MDAvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItUTM0RWY0ZmxwMFlsYU1sNXA1ZFF0OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTg4MzkyNDEzNzAwL2Ftcy8wLzIyMS80Mi85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MzA0ODM4ODYvMTYzMDQ5NjQ4Ni80L3B1Yi05NjYzMjYyNjQyNTI3MzY5Lw/h2ifgo4sudSJCXZs98clE55X51g&nodeid=1604&group=eu&auctionid=6193006588392413700&shardkey=6193006588392413700&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%26client%3Dca-pub-9663262642527369%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: d2b7ca1b0a04b545951a1e251b7b82b423738c7ca357a1c5b7e173ec2b835062

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:26 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1630483886
Last-Modified: Wed, 01 Sep 2021 08:11:26 GMT
Server: MMBD/3.204.0
x-mm-latency: 2 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x90, cdg-bidder-x131
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 01 Sep 2021 08:11:25 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 98DD 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:08:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98DD 122 KB
37 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 98DD 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 08:07:19 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 1644 10 KB
3 KB 168ms
55ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6193006591613825916&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006591613825916%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_cid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 57f40f794a2dbae477d317e0f57cb6691f0018f70ff0b2fbd40b3fd226b7794c

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3248
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 1644 49 B
330 B 213ms
93ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6193006591613825916&node_id=1627&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSbFpUWTFZakF0TkRoallTMWxZVFEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1OTE2MTM4MjU5MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWmRBNEc4WnZzb0hNX1poWEg4TTF0by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTkxNjEzODI1OTE2L3pyaC8wLzIyMS80Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYzMDQ4Mzg4Ni8xNjMwNDk2NDg2LzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/zc7Ld12IubXu2hOj_VrhI71NU9Y&nodeid=1627&group=eu&auctionid=6193006591613825916&shardkey=6193006591613825916&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x52, zrh-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1644 43 B
360 B 210ms
85ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6193006591613825916&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSbFpUWTFZakF0TkRoallTMWxZVFEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1OTE2MTM4MjU5MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWmRBNEc4WnZzb0hNX1poWEg4TTF0by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTkxNjEzODI1OTE2L3pyaC8wLzIyMS80Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYzMDQ4Mzg4Ni8xNjMwNDk2NDg2LzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/zc7Ld12IubXu2hOj_VrhI71NU9Y&nodeid=1627&group=eu&auctionid=6193006591613825916&shardkey=6193006591613825916&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x26 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1644 49 B
330 B 216ms
93ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6193006591613825916&st=4562306&time=1630483886&nodeid=1627
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSbFpUWTFZakF0TkRoallTMWxZVFEzTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1OTE2MTM4MjU5MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWmRBNEc4WnZzb0hNX1poWEg4TTF0by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTkxNjEzODI1OTE2L3pyaC8wLzIyMS80Mi85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYzMDQ4Mzg4Ni8xNjMwNDk2NDg2LzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/zc7Ld12IubXu2hOj_VrhI71NU9Y&nodeid=1627&group=eu&auctionid=6193006591613825916&shardkey=6193006591613825916&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x95, zrh-bidder-x138
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 98DD 10 KB
3 KB 151ms
51ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6193006588392413700&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006588392413700%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_cid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 91ec054c8ecd2fa1429f62221598a26f3cf2ee4308f76fa48cd352a9cf9d03fc

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3247
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 98DD 49 B
330 B 135ms
61ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6193006588392413700&node_id=1604&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpnNE1HWmlaV010TVRZNE5TMWtaVEE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1ODgzOTI0MTM3MDAvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItUTM0RWY0ZmxwMFlsYU1sNXA1ZFF0OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTg4MzkyNDEzNzAwL2Ftcy8wLzIyMS80Mi85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MzA0ODM4ODYvMTYzMDQ5NjQ4Ni80L3B1Yi05NjYzMjYyNjQyNTI3MzY5Lw/h2ifgo4sudSJCXZs98clE55X51g&nodeid=1604&group=eu&auctionid=6193006588392413700&shardkey=6193006588392413700&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x51, cdg-bidder-x131
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 98DD 43 B
360 B 206ms
80ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6193006588392413700&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpnNE1HWmlaV010TVRZNE5TMWtaVEE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1ODgzOTI0MTM3MDAvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItUTM0RWY0ZmxwMFlsYU1sNXA1ZFF0OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTg4MzkyNDEzNzAwL2Ftcy8wLzIyMS80Mi85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MzA0ODM4ODYvMTYzMDQ5NjQ4Ni80L3B1Yi05NjYzMjYyNjQyNTI3MzY5Lw/h2ifgo4sudSJCXZs98clE55X51g&nodeid=1604&group=eu&auctionid=6193006588392413700&shardkey=6193006588392413700&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x27 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 98DD 49 B
330 B 176ms
61ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6193006588392413700&st=4562306&time=1630483886&nodeid=1604
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTXpnNE1HWmlaV010TVRZNE5TMWtaVEE0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxOTMwMDY1ODgzOTI0MTM3MDAvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItUTM0RWY0ZmxwMFlsYU1sNXA1ZFF0OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTkzMDA2NTg4MzkyNDEzNzAwL2Ftcy8wLzIyMS80Mi85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MzA0ODM4ODYvMTYzMDQ5NjQ4Ni80L3B1Yi05NjYzMjYyNjQyNTI3MzY5Lw/h2ifgo4sudSJCXZs98clE55X51g&nodeid=1604&group=eu&auctionid=6193006588392413700&shardkey=6193006588392413700&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x39, cdg-bidder-x131
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 01 Sep 2021 08:11:26 GMT

GET
H/1.1 200
OK request.php Show response
hal900018.redintelligence.net/ Frame 1644 0
394 B 233ms
122ms Script
application/x-javascript 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=e732e17d23&subid=&uid=91c8df8049e7823b&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006591613825916%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_cid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1630483885%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1630483885206%26bpp%3D1%26bdt%3D288%26idt%3D150%26shv%3Dr20210830%26mjsv%3Dm202108310101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C644x280%252C312x250%26correlator%3D8353453686495%26frm%3D20%26pv%3D1%26ga_vid%3D18409832.1630483885%26ga_sid%3D1630483885%26ga_hid%3D2095080406%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3285%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44747621%252C31062297%26oid%3D3%26pvsid%3D1091668884418934%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DB0AwJq9nZU%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D155&ancestorOrigins=null&random=6976059972277&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6193006591613825916&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006591613825916%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_cid%3D70d1612f-35ae-4901-9061-35cc9c14db34%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDW4ErjUvYcb8CpjC7_UPiMad-AHPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKoBT9AjvjhHH097uXcNO1ajZBVnHSJFmJgzh3jqim0qTVm6xmSEgZEL_C94nVj8UhlfiuuMxyXX0TgpQn29JQL_PciHY46YCULP01aY0H431EbVxV1C2X-dpZheeEoAF28ENMkqVgrJU-P6PDbkmrTsidiFH1ruOmDGju9g53v8zIoR747WcXWS7J3XT8MpaJsLyTbtt3CA4-p2W9gjphUJgLkmmF9vWcKVF-6ABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0rEGk78FKuyoDOmpvQCE07NLsrww%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 88672200047087700951393011704018
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Wed, 01 Sep 2021 09:11:27 +0200

GET
H/1.1 200
OK request.php Show response
hal900013.redintelligence.net/ Frame 98DD 0
394 B 206ms
106ms Script
application/x-javascript 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=2da16721b9&subid=&uid=7df4276e3261d262&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006588392413700%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_cid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D679629689%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1630483885%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1630483885204%26bpp%3D2%26bdt%3D287%26idt%3D146%26shv%3Dr20210830%26mjsv%3Dm202108310101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C644x280%26correlator%3D8353453686495%26frm%3D20%26pv%3D1%26ga_vid%3D18409832.1630483885%26ga_sid%3D1630483885%26ga_hid%3D2095080406%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D810%26ady%3D3285%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44747621%252C31062297%26oid%3D3%26pvsid%3D1091668884418934%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26xpc%3Dj3FV9gYK0q%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D149&ancestorOrigins=null&random=6880482415994&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6193006588392413700&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6193006588392413700%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_cid%3D4811612f-35ae-4001-8af5-889ea3332f65%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCgGECrjUvYYzzCpWT7_UPwteN2ArPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTk2NjMyNjI2NDI1MjczNjnIAQmoAwGqBKcBT9A_gnlVj_GyrZ7PqjzkSBLqIA7uBRXivE0W2VE_biNi2B4fYedoODgLV_z_nhI4GzJlnI3QNwl9NSSv9_ot27j8y4OXSXVXz-D971g0gYMJiXY5fOtAZhILDIvmrf6kspe8KE9CMBomEKrI490w9fUAUP6amnqjcxGQ_AMfrnPvds3DXQASuD9AP2L3TpcoB_FT2RMeBT6ZUZEYNUVBOpcZb1aFIAmABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1_89OaXPFu7YdDRET8N_3NOpdVJg%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 75667000051773700951393011704013
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Wed, 01 Sep 2021 09:11:27 +0200

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5AC1 1 KB
864 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Aug 2021 12:12:35 GMT
expires: Wed, 01 Sep 2021 12:12:35 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 71932
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1644 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1816b09e7405cba04eeda2a906a9f92f2758e29c612e5f6ac64515a831c0e3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5AC1 35 B
463 B 31ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBlyQDKjBV8Dw8l_1FOYJgY&google_cver=1&google_push=AYg5qPJsHMoVAuBYg3ph9rdcZQMGPEMe-quxI8iHa4njaJG56qhyMsG8nrSUpTs_Xrn8q0yvaebVKt-TA3NRSGkzszQ8k4ZoDEVa

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5AC1
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKde...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVM4MXJ3QUFBS2tFQm5XdA&google_push=AYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKdeioHP9Z82wHeJ-jFGvpTGj2zaSvXCSuEIWdOtysqckWD_3AkmNN3jSr1I

170 B
188 B

61ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVM4MXJ3QUFBS2tFQm5XdA&google_push=AYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKdeioHP9Z82wHeJ-jFGvpTGj2zaSvXCSuEIWdOtysqckWD_3AkmNN3jSr1I

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVM4MXJ3QUFBS2tFQm5XdA&google_push=AYg5qPK9l9mcaOYxvtNh6uZo-Zplrj6RP-C0Q1VWKdeioHP9Z82wHeJ-jFGvpTGj2zaSvXCSuEIWdOtysqckWD_3AkmNN3jSr1I
Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5AC1
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLuiugYh6TYENjCMeaO0r7j4MZIjFLsqzHjBy9xP-qP-MfTssFNkXBfaYs7gWR79k_DzlOPr18io7BvQYsbsnjs2idFdMpU&google_gid=CAESEN5ODewkHEE6KECfkniUL9U&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_rvIkGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMdWl1Z1loNlRZRU5qQ01lYU8wcjdqNE1aSWpGTHNxekhqQnk5eFAtcVAtTWZUc3NGTmtYQmZhWXM3Z1dSNzlrX0R6bE9QcjE4aW83QnZRWX...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSHR2T3V6MFlaajdPNDZDZ09uSHdkMHpKZndQanNmQ2l1WTVEZW11eV83NA==&google_push

170 B
188 B

61ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSHR2T3V6MFlaajdPNDZDZ09uSHdkMHpKZndQanNmQ2l1WTVEZW11eV83NA==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 08:11:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSHR2T3V6MFlaajdPNDZDZ09uSHdkMHpKZndQanNmQ2l1WTVEZW11eV83NA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5AC1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFn77AuVD6b120bSjCyan38&google_cver=1&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak
https://rtb.openx.net/sync/dds?google_gid=CAESEFn77AuVD6b120bSjCyan38&google_cver=1&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

170 B
188 B

59ms
58ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK6wOkMYciKW4Y0XbMtn4x0Spv-KjBGUss8YVzYBKGLdkdQlBiuUQeSe18rCrTalx2Qms_e3dmBkkFxRCA5S1wvAfbE_Ak&google_hm=-IsEgpl7wqkiCQKXN-tmRA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-request-id: ermmfcth66eu1jrrdnn93o0h4liu676e

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5AC1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VHmgYXbaQoCfZlIP3U7yaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VHmgYXbaQoCfZlIP3U7yaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYwY3juDfjcEr_IMs2JYHiY3eLjujt1dmQhZ3XbjtoHR3wV8nmcUQp537rg7MjZqq236jYyYvokYZigv9_9tT8oFpaxLdn

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VHmgYXbaQoCfZlIP3U7yaQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYwY3juDfjcEr_IMs2JYHiY3eLjujt1dmQhZ3XbjtoHR3wV8nmcUQp537rg7MjZqq236jYyYvokYZigv9_9tT8oFpaxLdn
date: Wed, 01 Sep 2021 08:11:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5AC1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI2sYtvU3edjvgz81D93jpo&google_cver=1&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCRjUtMVctMTQySw==&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXyep8XCLQs7JZldpw14mG3OxcI

170 B
188 B

62ms
53ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCRjUtMVctMTQySw==&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXyep8XCLQs7JZldpw14mG3OxcI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCRjUtMVctMTQySw==&google_push=AYg5qPIEp9ZWy8N9LsoL1jT0llGJy2uWPubjmvAh87WLUNOXMYGgEO2j-8dZPHGaq2YIKYENlXyep8XCLQs7JZldpw14mG3OxcI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5AC1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_push=AY...

43 B
750 B

100ms
99ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_push=AYg5qPKlusbFdpN0DkcD36zpQLyLwiDyWpgR0SbK416NCLgI85RyV0skgoZj6DM2uAFl0Pivf1CTeiwhWKAMEzopx76Zl_bF8tM&s=184023&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 08:11:27 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 08:11:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHl_C9sxiJm7fVvfxHfg3-0&google_push=AYg5qPKlusbFdpN0DkcD36zpQLyLwiDyWpgR0SbK416NCLgI85RyV0skgoZj6DM2uAFl0Pivf1CTeiwhWKAMEzopx76Zl_bF8tM&s=184023&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 511
Expires: Wed, 01 Sep 2021 08:11:27 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5AC1 0
253 B 157ms
53ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjxjaheMbcsOLi5PMuISN7fCOOs0sQq6DZSc7CIcqF1ByX6fv9sJ5-Phc6HZFDYxDIh8SH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1229 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Aug 2021 12:12:35 GMT
expires: Wed, 01 Sep 2021 12:12:35 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 71932
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 98DD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fdcad2fa8323e46a5e7b11b83558b9a9e81b1fa1dd3852335082fe321aa27e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExgGQ3oAOoKhIdZkn83t9k&google_cver=1&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPi...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlY...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlY...

170 B
188 B

105ms
53ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlYcgRoYhRW1JkrY_Ig&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ3OdYpogb0Z1P3M3scp9ICOaM5Rk0C6jsfYNIIQkLirIDGGLtOPicOCSlzjhrLhxpEHyoJn1nA-B56CCrwOgsYQSx0YlCp&google_hm=N7rrlYcgRoYhRW1JkrY_Ig&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJbjOnk...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJbjOnk...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDEwODExMjcwMDAxNTUwNDY5ODEwMw%3D%3D&google_push=AYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pK...

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDEwODExMjcwMDAxNTUwNDY5ODEwMw%3D%3D&google_push=AYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pKUgjFNU4_KHXd6h-gpleBHJ2y1dXfjibA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDEwODExMjcwMDAxNTUwNDY5ODEwMw%3D%3D&google_push=AYg5qPJbjOnkMXpIEPdCftGiX-b261Wu6nUfCbajYoOwt6rkB3p0EE09aXjlPWNmL9b9pKUgjFNU4_KHXd6h-gpleBHJ2y1dXfjibA
pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 01 Sep 2021 08:11:27 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1229 43 B
324 B 164ms
59ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEB1gHxU3t8X-zMU4FUii28k&google_push=AYg5qPJriGRWyBOXUxemkNDJmA_bWteeuQNKE7rjRGlVgt0XfD_wyCG3S11hyq9RSsdncjTkFn-DuJ9tzS3A1y00YXfVZABueYDyKg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMx86u1rRbBnui2dx8Mnl9I&google_cver=1&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ
https://rtb.openx.net/sync/dds?google_gid=CAESEMx86u1rRbBnui2dx8Mnl9I&google_cver=1&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1w...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

170 B
188 B

60ms
59ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ&google_hm=-IsEgpl7wqkiCQKXN-tmRA==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:26 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5-8YtNr-jBxI9OdKWnXVVOFL73c2tCor3K2-ivxeuci1ggIkg_pz_JOGQwV-bF8txipg1e_3Eoda7a3P0EUjNhhzupSy1wQ&google_hm=-IsEgpl7wqkiCQKXN-tmRA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-request-id: a2v5p5ho47dqut77nqu8a1v3t4vbeeev

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnsSM5OpTqWx3uSy01b2YA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnsSM5OpTqWx3uSy01b2YA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-gV1KfvG4eHxKHtdMBydlxO4EfGNK36sddeF_vftvV9VnbWGXcJB8JYgogcfClmb0f4pVidZacnQ1VsoXScpuv7C3ExSNhQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GnsSM5OpTqWx3uSy01b2YA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK-gV1KfvG4eHxKHtdMBydlxO4EfGNK36sddeF_vftvV9VnbWGXcJB8JYgogcfClmb0f4pVidZacnQ1VsoXScpuv7C3ExSNhQ
date: Wed, 01 Sep 2021 08:11:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOHk3vplKLiKFy6LuSK5uIQ&google_cver=1&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCR0ctMUEtRlFVQg==&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxVLxWenhunzGgR37tRsz_I2PGne

170 B
188 B

59ms
58ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCR0ctMUEtRlFVQg==&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxVLxWenhunzGgR37tRsz_I2PGne

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODBCR0ctMUEtRlFVQg==&google_push=AYg5qPIiWQFAm_GU6tXrMaqOtdRxjv7vrchzePL6bfv4bBhw3k20PH1yLNUB5OC3wUXA8U1aSxVLxWenhunzGgR37tRsz_I2PGne
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1229
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELlhMEBqr-WXEabla8jtsJI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1229 0
40 B 105ms
53ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KT3nwd5Tgu6qP_ppK3X1LwYGJgJ_9420Ud2WV96jMIB9iIzVGzAl2OeWG5vaJelh6pLl37

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

253796c0a2689439d0457dbbd52a259be4557582cfbc4a9b9adbc0d1b132419f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 08:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8492
x-xss-protection: 0

GET
H2 200 bc4eec75461e4233a30d6b37f3b3dbe1_L-1-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 26 KB
26 KB 73ms
73ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/bc4eec75461e4233a30d6b37f3b3dbe1_L-1-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c02c089b7ac0339629836537f62c7ac2de11d58599f7c1b223d5b5af8a27712f

Request headers

:path: /wp-content/uploads/2021/08/bc4eec75461e4233a30d6b37f3b3dbe1_L-1-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 16:00:29 GMT
server: nginx
etag: "612e521d-67b9"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 26553
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 5f3988ed97d1ec64-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 20 KB
20 KB 73ms
72ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/5f3988ed97d1ec64-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 13f951f6a68aaedb935b01a0b23c0518a00b8b3d2cd60f9336e6bcb51fc161b9

Request headers

:path: /wp-content/uploads/2021/08/5f3988ed97d1ec64-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 14:51:41 GMT
server: nginx
etag: "612e41fd-4f5f"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 20319
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 Screenshot_146-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 24 KB
24 KB 108ms
108ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/Screenshot_146-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5586cf0230df93ee50a4839deac21d41d3d1bcf79f8e024c6b67fa8cfb37d098

Request headers

:path: /wp-content/uploads/2021/08/Screenshot_146-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 14:31:48 GMT
server: nginx
etag: "612e3d54-5fa6"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 24486
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 1-1-312x380.jpeg
sumypost.com/wp-content/uploads/2021/08/ 36 KB
36 KB 108ms
108ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/1-1-312x380.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c324a5e80df78d2ec9159f41c8c08ae386d08f12a94e85f53252e67e2c5de017

Request headers

:path: /wp-content/uploads/2021/08/1-1-312x380.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.002/wn688:0.000/
last-modified: Tue, 24 Aug 2021 12:36:26 GMT
server: nginx
etag: "6124e7ca-8fea"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 36842
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 241001107_1914609618700555_4423086907953530718_n-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 24 KB
24 KB 143ms
142ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/241001107_1914609618700555_4423086907953530718_n-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f2e83b55abb5eda61b91c8526bb3d317a203da83b8510c9689f577ff502bff2c

Request headers

:path: /wp-content/uploads/2021/08/241001107_1914609618700555_4423086907953530718_n-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.002/wn688:0.000/
last-modified: Tue, 31 Aug 2021 14:59:45 GMT
server: nginx
etag: "612e43e1-5f59"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 24409
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 240881688_4091769657612250_7933297701549812396_n-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 14 KB
14 KB 143ms
142ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/240881688_4091769657612250_7933297701549812396_n-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 378c8c33a52f4c75f5e86e885d718178af1559aee40e0aa92a8bc471b5f0e6ac

Request headers

:path: /wp-content/uploads/2021/08/240881688_4091769657612250_7933297701549812396_n-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 13:36:57 GMT
server: nginx
etag: "612e3079-3763"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 14179
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 g_l-315x247.jpeg
sumypost.com/wp-content/uploads/2021/08/ 15 KB
16 KB 69ms
65ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/g_l-315x247.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: badbda07b3991f3e11f960492a35653b44f4f730e6570f52f61a150e9ef6e3e7

Request headers

:path: /wp-content/uploads/2021/08/g_l-315x247.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.003/wn688:0.000/
last-modified: Tue, 31 Aug 2021 15:41:42 GMT
server: nginx
etag: "612e4db6-3df2"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 15858
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 12-7-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 14 KB
14 KB 37ms
36ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/12-7-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7670b9ee1d40fde306fd60229a11c7c2ad47ac9bfa8b38b987bc5b3d4b3dae37

Request headers

:path: /wp-content/uploads/2021/08/12-7-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Tue, 31 Aug 2021 16:04:27 GMT
server: nginx
etag: "612e530b-36bb"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 14011
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 photo_2021-03-03_12-20-45-1.jpg
sumypost.com/wp-content/uploads/2021/03/ 85 KB
86 KB 37ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/photo_2021-03-03_12-20-45-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9221cec7c481944705c959106c1f1ca527693c076209b5070c99338f465a291f

Request headers

:path: /wp-content/uploads/2021/03/photo_2021-03-03_12-20-45-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Wed, 03 Mar 2021 10:29:01 GMT
server: nginx
etag: "603f64ed-15582"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 87426
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 IMG_20210831_200012_530-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 20 KB
21 KB 43ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/IMG_20210831_200012_530-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1f2064f98485eccac485df65c1b25688ef0e4854921da860fae630894d2b4f54

Request headers

:path: /wp-content/uploads/2021/08/IMG_20210831_200012_530-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 17:02:39 GMT
server: nginx
etag: "612e60af-5117"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 20759
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 agriculture-1867212_960_720-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 21 KB
21 KB 41ms
38ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/agriculture-1867212_960_720-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d50e91e37f1b1ca27612a88fdb3da0e588ad8d9e777588b854bbcded28b72802

Request headers

:path: /wp-content/uploads/2021/08/agriculture-1867212_960_720-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 15:26:39 GMT
server: nginx
etag: "612e4a2f-526d"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 21101
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 240879772_4727156703985633_2056409613503806713_n-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 26 KB
26 KB 41ms
38ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/240879772_4727156703985633_2056409613503806713_n-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1a1e3ff838bf9ee385110c1e84cdecb0cdb873601736ec9aa30d901dec9dafc1

Request headers

:path: /wp-content/uploads/2021/08/240879772_4727156703985633_2056409613503806713_n-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 13:38:51 GMT
server: nginx
etag: "612e30eb-6642"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 26178
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 01.jpg
sumypost.com/wp-content/uploads/2019/07/ 45 KB
45 KB 41ms
39ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2019/07/01.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7764025674ca6855094c3801171697066c09ce371428720c1152b6f3e5c8b40f

Request headers

:path: /wp-content/uploads/2019/07/01.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 23 Jul 2019 09:29:30 GMT
server: nginx
etag: "5d36d37a-b450"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 46160
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 albina_1-2.gif
sumypost.com/media/ 58 KB
58 KB 41ms
39ms Image
image/gif 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/media/albina_1-2.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2657d0bf4b86971f440373ccc4a541a16886ffd4596a8f28ab10abc072e470fd

Request headers

:path: /media/albina_1-2.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Thu, 29 Jul 2021 19:35:10 GMT
server: nginx
etag: "610302ee-e808"
content-type: image/gif
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 59400
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 240652430_4566990619999906_1345173523718074578_n-1-315x247.jpg
sumypost.com/wp-content/uploads/2021/08/ 15 KB
15 KB 38ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/240652430_4566990619999906_1345173523718074578_n-1-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9d0f886d6f367accafdaeffdb09a322b04b7e05d062ab89b64d3ae58a532b38d

Request headers

:path: /wp-content/uploads/2021/08/240652430_4566990619999906_1345173523718074578_n-1-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.001/wn688:0.000/
last-modified: Tue, 31 Aug 2021 15:50:48 GMT
server: nginx
etag: "612e4fd8-3b32"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 15154
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 sumbud_banner2_478_100.jpg
sumypost.com/media/ 55 KB
55 KB 40ms
36ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/media/sumbud_banner2_478_100.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b7ae06b0bd88fd9b8e74350b431f4321263f35e017b9b463ab8c60eb9563e520

Request headers

:path: /media/sumbud_banner2_478_100.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Tue, 06 Nov 2018 19:44:01 GMT
server: nginx
etag: "5be1ef01-dc13"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 56339
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 svitlo-2-315x247.jpg
sumypost.com/wp-content/uploads/2021/06/ 5 KB
5 KB 38ms
37ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/06/svitlo-2-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3758833d355b0d5d8ef49adbfa8a18a359ec29d8a38763804851a66ffc7af19f

Request headers

:path: /wp-content/uploads/2021/06/svitlo-2-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Thu, 24 Jun 2021 21:28:16 GMT
server: nginx
etag: "60d4f8f0-145f"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 5215
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 1-2-312x380.jpeg
sumypost.com/wp-content/uploads/2021/08/ 28 KB
28 KB 38ms
36ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/08/1-2-312x380.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 090257387f5e34794321d36e9a6e3d2bec25f995ab78f41ee9d1d9da0f7aca41

Request headers

:path: /wp-content/uploads/2021/08/1-2-312x380.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: p17866:0.000/wn688:0.000/
last-modified: Tue, 24 Aug 2021 12:37:52 GMT
server: nginx
etag: "6124e820-709e"
content-type: image/jpeg
cache-control: max-age=604800
date: Wed, 01 Sep 2021 08:11:27 GMT
accept-ranges: bytes
content-length: 28830
expires: Wed, 08 Sep 2021 08:11:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 08:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 08:11:27 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC63 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgoTRJCVbWdO8hr_FU2j6TTMDAc8PPyvS5g1JCeAVVP9Nb0XiGY9dIo3y7e4E5YShaMXO5yN_IFB-tD8bIKoVieHlPtm9JAsllWUgrqldEBltVLqcXSFwatUc7Dw&sai=AMfl-YQEnLK_V13B6D5IVgmQkc0DTjr9YUsBbL5Fz7b0OeHSGZYwefe2CUI-HADrpV73r-13KL8RaP5ttyUx&sig=Cg0ArKJSzOKb--_kjqIsEAE&id=lidar2&mcvt=1000&p=331,146,611,790&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1686960007&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630483885327&rpt=1161&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 08:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AA55 12 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 07:38:06 GMT
expires: Thu, 01 Sep 2022 07:38:06 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C3BC 783 B
768 B 18ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a423f9314cff745d3ec295b44aceaa547edf1fd686173b3a64aed93796b8494

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yw1NS2pqEs8IAVi6XETXTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://sumypost.com/

Response headers

expires: Wed, 01 Sep 2021 08:11:27 GMT
date: Wed, 01 Sep 2021 08:11:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Yw1NS2pqEs8IAVi6XETXTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame AA55 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 07:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 07:31:24 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=1091668884418934&bg=!DA-lD0vNAAZOkH6FTpA7ACkAdvg8WlcrCjbBbNkUbW3ax1CZuCv1pQuJ3uVpXgdaMMLpjpUwyA_4NgIAAAClUgAAAA5oAQcKAKXKLK455phDEnkbEgpVAR8XduBf10rX9HCzjxVtVqtIVLN7PFqBvEASQiY3QuslV6Zr6PwMaMYPX4HE-YivnUxHnZKEPFUOcHWNmGu0kuh72ozV6xmgtLcOwcxNbwI6NT7ENCMLAwOz4W6xQWJJ9FptnXKKyTxfCIi9g64gDEuLJaBcKaOpUqbGjmPBm76cbXn7XI-CSo7K4ZGxRgm8foTnQqIWr3iZAm6bRWnjWl8Ib7yUEoPJonhTgNDn4iBvsFuss7tCKNwkiiqV2qAgpZ3gTFYOL1eo2ljjX0QGAAv3mHL1WToLrJquJLdXXKrrGnIF6maJoj_q64qTYb-rrRE5LDkj5Ogoii8wHjwVedtftY6CLAqyIKAa4X2ptGPvG80IA0au2dl5YPv-xlzOlvTuafc_rOZWRhcHmOXKIp3pF_s43QljjS1Qeq6mIxrwja0ku-ceBSvVa3-YoEBc7E-e9HQdS3a_GT_6y-wLdPuwVkcTNrpf45NQlOPtGI4OfGhsgp8mugSSkYFyYew0MufvldnM055sJDyO3CQDtG5WlIRZFrSca3HZG3VIuF7pEd_sojp1q5R35mb2O9Ei80m0OpGGGmgq6ZaVNVmNq5g5ypLDKwp3gKrhedLc_M5qwBUoz65A5z_AApYx2cK0W7Ztt5cQOyc9iG26Ef44ffLPxnLjnkW8F7at9yh6l3KVIdu8XlmMKpncaLKwz1t_OtKFdLUMl3eYZLs-qjP0zxXvUKqblawZAb24Tjdgz0z69-5xZ6hV_CTv5AXFAnjeLwEHNKOkC08AZN165ZwJj6xYm6967d1Ohaddfe57MEKT2h8qwPv-ZQ-loDcmSaicGNlsbwxzf7_9aEH_djSd6LwZUmlP3KlwgxjOYjn_DgNyNSRvvFhDhwLd2ZSmmuRI64UlAcNQxHy8owHPGasCa3lMsZZZL-nfFT7Vu_ttBPNVDCjNZJ1-ZIKWfWUg4cHUPIj-pL2C0qHlMDMbF5VVhM6wfdNVAUgW-E1XiiYoWT4beMRJaV81F4Lr1NYMq-hbc9DKZHMAk0Ij
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885204&bpp=2&bdt=287&idt=146&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=j3FV9gYK0q&p=https%3A//sumypost.com&dtd=149

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1630483885&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630483885206&bpp=1&bdt=288&idt=150&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C644x280%2C312x250&correlator=8353453686495&frm=20&pv=1&ga_vid=18409832.1630483885&ga_sid=1630483885&ga_hid=2095080406&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062297&oid=3&pvsid=1091668884418934&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=B0AwJq9nZU&p=https%3A//sumypost.com&dtd=155

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS81r6nhTgX4x-NU3-VT8QAABIwAAAAB&google_push=AYg5qPIJ3jHTfyuJUfqieAbZeFPDz2C-jIKFY1QB56fr8qB1K-LDT-btxEkRbAr9nLUuUkxzrlzk4Kakreur7Km5f8N_X-CPZz0Arw&google_cver=1&google_gid=CAESELlhMEBqr-WXEabla8jtsJI

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bigmir.net
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
get.mycounter.ua
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900013.redintelligence.net
hal900018.redintelligence.net
i.bigmir.net
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sumypost.com
tags.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
googleads.g.doubleclick.net
104.111.215.191
116.202.48.214
138.201.84.245
142.250.185.226
142.250.186.66
144.76.91.199
185.29.134.245
185.64.190.78
193.239.68.97
193.239.71.100
2.18.233.201
2.18.234.21
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2004
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a00:7a60:0:10c0::1
34.98.67.61
35.227.252.103
35.244.174.68
62.149.0.249
63.32.201.39
69.173.144.165
01c87d6dbb55518c114e983b3d4a8631072905893a45cffc9afd68db8b5fd180
090257387f5e34794321d36e9a6e3d2bec25f995ab78f41ee9d1d9da0f7aca41
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
13f951f6a68aaedb935b01a0b23c0518a00b8b3d2cd60f9336e6bcb51fc161b9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1e3ff838bf9ee385110c1e84cdecb0cdb873601736ec9aa30d901dec9dafc1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e71cfe677facfddffe82e94a45b0f2d3087d9fc2d73348a384ce0113da90d80
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
1f2064f98485eccac485df65c1b25688ef0e4854921da860fae630894d2b4f54
230226211b6fa75f73a7257ef16ffa5904523b30e32e7aae949790ae288a4dc0
253796c0a2689439d0457dbbd52a259be4557582cfbc4a9b9adbc0d1b132419f
2657d0bf4b86971f440373ccc4a541a16886ffd4596a8f28ab10abc072e470fd
266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8
268d4ee9f8e316f07f185acd7b3ce896ae73437a8aceb8e516fad7c1b405e72b
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ea8680dd9e136d710fea4196a4f575a9d05c7cb2d3af64db70ebcb6d1cd0608
2fc4cc1bfc175be0c3a822a4fa2c3dfe2b83c900b80171deca4441ff5a5769a5
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
35a798ccd5769ffd1d12996c54656345d3f5ad5639f3f5b090442dee335684e4
3758833d355b0d5d8ef49adbfa8a18a359ec29d8a38763804851a66ffc7af19f
378c8c33a52f4c75f5e86e885d718178af1559aee40e0aa92a8bc471b5f0e6ac
3a5b681839a8ae8c14be05dd98f273a9f9abc5cec69cc008da69e486146a2c09
3aee3000e488f52ce882f5d920a732ec7ca99e21c229dac93050cd4bdb66af69
3d0428a6ace354cd2b85e081826ae5998db9a6e91d6fa4073083e4b881c7256c
3de5a9a5e834a368b912b4a2c8bd27e1c684fe8134f294c2bd6a058f48b0fd1a
3f112cd7be7bb55857662ec56172772d6993b50291d6cf0a9baabd8de061e40b
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
441783bfcddf048111ca318b61c3e1441c4e78c6803ec8ebd4d991d7163a54e0
45d593abb885947835bb1470c323f26e716d3bc2c9862c5192680863c5013ffc
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4d4bd42a3a5af9e0e1539e9046fc1bfd62720f2e9389ac40da5f4d1424f5578d
4f3e758eee93b746eb32f72127664b6bb6de1465f28eb6d32600ab2b3071c500
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc26497d5f5db568e1a2f6248088e258fdd2b7641aaf932c55cec97602bb245
4fdcad2fa8323e46a5e7b11b83558b9a9e81b1fa1dd3852335082fe321aa27e5
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5586cf0230df93ee50a4839deac21d41d3d1bcf79f8e024c6b67fa8cfb37d098
57f40f794a2dbae477d317e0f57cb6691f0018f70ff0b2fbd40b3fd226b7794c
5ade296987f827851d0d672ef8c154b733101b6b934b591947892c1020ab5855
5b65b70b1212961ac35c7cd7e69efda8cb5f3943821f9e36731359ba4df2fa07
5d16e495895c5b485f0b7b0a1d19cb4ef22394aca9d308af88c7be73a95f75a4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
68f11ecbc8e56ff531e130db65cf00ab6a81b1706cf2aa3eaffee237b8b8e9c9
6ad6909a6f063ffadeaf4b9758b769bc0cc2586f3cbe3c7bed97e4312c7d1799
7670b9ee1d40fde306fd60229a11c7c2ad47ac9bfa8b38b987bc5b3d4b3dae37
7764025674ca6855094c3801171697066c09ce371428720c1152b6f3e5c8b40f
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
7ecf284e717e15fb163e7c0bd1a0c014dfee68c084f86dbc6399db492e08af37
7ff4b8009739c93c977ebd2d53c78d5685315763f0a5e3ff816439075163cfc5
804ee71e54762c10c5e5fe96a6be600358696a1fd1b5fc63edf3cf7afad391ec
828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58
84250e907a5c5a4166aa4840033f1f4dc55ea40787a477d5b5125395abff8a90
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85733c65ff54b0c6db912db3d892e2a1d35b21506d2894054fcdac6079e2faec
8a423f9314cff745d3ec295b44aceaa547edf1fd686173b3a64aed93796b8494
8cadae5225b49124780184bf43516e483ac517c05151c872fd9dd6bb5d459afd
8e46813172e9fa6ada136f50d2bea0b539e249f3e14b537447b61c43076dee74
91b3409ecfc085b8c41bda8854235cbbd2c67286f2a650f92f2ed0979914e23b
91ec054c8ecd2fa1429f62221598a26f3cf2ee4308f76fa48cd352a9cf9d03fc
9221cec7c481944705c959106c1f1ca527693c076209b5070c99338f465a291f
98f4c164e0fab0d19e96a2485ccd17aad40c5419b56ca4da18d2da8ca94ca98d
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
999cde936420491d96d2213f62f5b14d7fd930102980566ba4c43abba331393f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b620f4e62cb37fd952bc0520cd4cccf92aaf7833a96757b265c97f68ee32fe3
9d0f886d6f367accafdaeffdb09a322b04b7e05d062ab89b64d3ae58a532b38d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6ba6fba1112b7017688440cc23b9b440937c1b20a304206cb45b5ab9aecc253
a7dff3d19d46ecb27a23dbb25eb379ad20b6107122a629613b299a3a9997700f
a9b2a92f59a0b0e17e3c8c2417f4ac06795ecbdc3975dcc3aa1f10735f36cde8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01c57672a97af773365e6b21739358b8beb67b64e0dee8da14ee2da87af40e4
b0c757eeca8a04ace037aabb99efb8cad0807f4761c94c8dd2134ad61640cb36
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67c782b336105a0cf78c06d5ee73c1a14c38062d06ef3d31beeb5b9ea624024
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7ae06b0bd88fd9b8e74350b431f4321263f35e017b9b463ab8c60eb9563e520
badbda07b3991f3e11f960492a35653b44f4f730e6570f52f61a150e9ef6e3e7
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c02c089b7ac0339629836537f62c7ac2de11d58599f7c1b223d5b5af8a27712f
c324a5e80df78d2ec9159f41c8c08ae386d08f12a94e85f53252e67e2c5de017
cb427c8501c783235f7698e3cb8d6d5387b89f5481a5cd049e2c6d6e33b21af1
cd0f00b995a871f7f74a6db569389fddcc5f86d7262b3d87ae6db23ea4e10df2
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d179df34c1ba991ee5d52b240df6d74b9542da5c8c26c4964f9e4cfe0c1f43b8
d21022fedae715e019b0827c3923e0a92f750b2ea36b249933632a921b1e8d2e
d2b7ca1b0a04b545951a1e251b7b82b423738c7ca357a1c5b7e173ec2b835062
d50e91e37f1b1ca27612a88fdb3da0e588ad8d9e777588b854bbcded28b72802
d85112d14c6fac3e461e6c2aafcf58316e996a380ad30215777cd8760521673b
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7aab4597a408b3d42bc60d227ef975beb946a7ab44d2f1a4ab2156c3153e21a
ebf244a66931bb750c0eed9f5d90f7708abdadc364bbef7df8a4049c0a26c2b4
edfe76acca4890e0a8208bebc32efce37ad25ac68518fef50db520474294bcbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1816b09e7405cba04eeda2a906a9f92f2758e29c612e5f6ac64515a831c0e3f
f2e83b55abb5eda61b91c8526bb3d317a203da83b8510c9689f577ff502bff2c
f9425047096ffcaec01a3708c69683cda8632cae999868747259a4bc7c1e30cc
fba995d7e711d269f3ecf5933a6522b7a47060a01180494f7f31ea2a45942838
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

sumypost.com Open in urlscan Pro 2a00:7a60:0:10c0::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

98 %HTTPS

49 %IPv6

23 Domains

33 Subdomains

30 IPs

6 Countries

3110 kBTransfer

4495 kBSize

0 Cookies

20 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sumypost.com Open in urlscan Pro
2a00:7a60:0:10c0::1 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

98 %
HTTPS

49 %
IPv6

23
Domains

33
Subdomains

30
IPs

6
Countries

3110 kB
Transfer

4495 kB
Size

0
Cookies

155 HTTP transactions
5 data transactions