sumypost.com Open in urlscan Pro
2a00:7a60:0:10c0::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sumypost.com/
Submission: On May 04 via automatic, source certstream-suspicious (May 4th 2021, 9:01:53 am UTC)

Summary HTTP 159 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 24 domains to perform 159 HTTP transactions. The main IP is 2a00:7a60:0:10c0::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is sumypost.com.
TLS certificate: Issued by R3 on March 5th 2021. Valid for: 3 months.

This is the only time sumypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2a00:7a60:0:1... 2a00:7a60:0:10c0::1	200000 (UKRAINE-AS) (UKRAINE-AS)
2 5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	195.16.88.9 195.16.88.9	59939 (WIBO-AS) (WIBO-AS)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	217.182.200.19 217.182.200.19	16276 (OVH) (OVH)
159	27

49 2a00:7a60:0:10c0::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

sumypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.249 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.16.88.9 (Lithuania)

ASN59939 (WIBO-AS, LT)
PTR: sr47.hostlife.net

pm-image.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.19 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm5.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	sumypost.com sumypost.com	2 MB
44	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	586 KB
22	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	118 KB
7	google.com 2 redirects www.google.com adservice.google.com	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	209 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900022.redintelligence.net	10 KB
5	googletagservices.com www.googletagservices.com	169 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	bigmir.net c.bigmir.net i.bigmir.net	1 KB
3	google.de adservice.google.de www.google.de	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	765 B
2	rlcdn.com 2 redirects id.rlcdn.com	888 B
2	contentspread.net cdn.contentspread.net	37 KB
2	awin1.com 1 redirects www.awin1.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	mycounter.ua get.mycounter.ua	5 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	327 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	quantserve.com cms.quantserve.com	463 B
1	googleapis.com fonts.googleapis.com	674 B
1	googleadservices.com partner.googleadservices.com	640 B
1	pm-image.com pm-image.com	12 KB
159	24

	Domain	Requested by
49	sumypost.com	sumypost.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net sumypost.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com sumypost.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	sumypost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.google.com	2 redirects sumypost.com googleads.g.doubleclick.net
4	hal900022.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900022.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	i.bigmir.net	sumypost.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	cdn.contentspread.net	hal900022.redintelligence.net
2	www.awin1.com	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	sumypost.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	get.mycounter.ua	sumypost.com
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	sumypost.com
1	www.google.de	sumypost.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	c.bigmir.net	sumypost.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pm-image.com	sumypost.com
159	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
sumbud.sumy.ua
www.sanatorij.com.ua
shostka.info
hlukhiv.info
romny24.info
05453.com.ua
educationchildrenmakarenko.sumypost.com
aquamarine.sumypost.com
www.bigmir.net
mycounter.ua
viber.com

Subject Issuer	Validity	Valid
sumypost.com R3	`2021-03-05` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
get.mycounter.ua R3	`2021-03-20` - `2021-06-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
pm-image.com R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
c.bigmir.net R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
img.com.ua R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://sumypost.com/
Frame ID: 739CE4EF414340FB56ED71508CCD7F35
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 1F9ECF2FBB7C68DA8023F8BCE6FD907B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888320&bpp=68&bdt=843&idt=312&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7634100935257&frm=20&pv=2&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3MlhYXtlOf&p=https%3A//sumypost.com&dtd=379
Frame ID: AAD11B6634E15B2642C911ECF70AF5E6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
Frame ID: C95E5115EA28894604A75A40EE723B41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
Frame ID: 1BE56187E87EC21209CC08E7D3055558
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438
Frame ID: 6241B9776293BC7B9EA32B3CF8FE74CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
Frame ID: AA1E268FA8D20599A52ABF48CB73D2EA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
Frame ID: 45488B8E216412654C9B47ACC79B2500
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1620118889&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118889304&bpp=1&bdt=1827&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd524de9565a73cab-2266843cc5c7008a%3AT%3D1620118888%3ART%3D1620118888%3AS%3DALNI_MYLZtTdDLs9bBmcd8G7odd_sDhQ3Q&prev_fmts=644x280%2C312x250%2C312x250%2C644x280&nras=1&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=14
Frame ID: FF425EC9A69CC587647F39BBF99D563B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Frame ID: D6E1AF6B99B57CD7E981E8A4D05C9643
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CbxSHaA2RYLHoNJCDlgTpxqA4y5mS8WHk4KKDhg6f1ZjP2hkQASDcr7ksYJUCoAGf59L5AsgBCakCsC-xhEwytD6oAwHIA0iqBMsBT9BC71Tvr_J1kO453tqHkrm1yvbwgFAwEcaF1CyoZX8jENlDmlgjKF3KHcV0fcqd0gnCZa0jxT63bA8-MwWCizKocy1yToU1YqkZYnQwXvOr6Yb_VEiKXAcf8Bwk60U0Y_jsDiDS7S7jG4SFIvXdtbnwpmlzKTdlVsGko7OE_zeBwabBee99Yw4Ix3ibU1Yb6iYoDl0L8_bBEXy2EChDo7uUpnRabCXrenfwGKPHfWa8X_OHgUH8sG7k2EAnyOpI3LmgujKwYr0WIWXABNfx7rWwA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJmK2GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDHuAnSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTY2MzI2MjY0MjUyNzM2OQ&sigh=C1aSM2-48-o&template_id=419
Frame ID: 68A480D02C3634AB069B0984EE91F3E1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5E1C118E4B4CE656D9B0767E7ACB1950
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Frame ID: 6F53695190E18CE1D997A94FF063F009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CKLIZag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS1AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOdQLvlyU5DzTNG4eQSkWPelZzGABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi05NjYzMjYyNjQyNTI3MzY5&sigh=mMeUeplPBpk&tpd=AGWhJms1Kw8uWjZ93FSNXD4_0tKlI8kMVUiE_0EvLHCRconjnTXJ4pqDrgDWsfHUJCiMiJus_GmayETkGBvZy8gy7Lb-2fSdJQBgkX5o3cmM-wZsmDu7ajOvxPZn9GOVuAUV0mkLSEQ2t4XOnE7PucjqaNRmapH8tOx16vyJq6ioOzCjBIBGdCbau0bGdbwCGNIN90gGBxo2sYIxAfgncdiC9uDTGNxsCUBxYqLfmQMh45Aa-YKRW_egGu8nyVcM4RM7RT0ycA8n2YAUADOq7uOz1_SfJTae_I-xRrsMAH7vswWbNJYh_heqyvo29F8QWEZ2Vcesn8jrVMeIHcIu5OVYeKfnHWt3jvG1dup0ddEvxf_o0cLfcQ46K-5quPXoa8WdRWaRfd7zHsfTD0HMvZVoO95hmI1RAdv44Xy94TuQlvU8PrFY8Ziur-DJtBWB6G2ILtEz79SwWxJZE3sWSS7VmHrJkW18P8PCaMhG2Y9Ql7pjlm6JYEab1NbFRXc2eKPOjZGmnKQ3KbJuRsw8MIcw9Q7iuHu3tQHepVCoW51Ff9JQWcRoVwFKMvlYXHmy9HxFchDUayx6puZbgOdL6Kx0Krlcw3hIKdb-nrmc2V9WXH6pEusiJV25oye3McYWJ-t3qv1NA2Ie5p7ym7uaEHPAx3H4X-JlNDRt7E0YKYcA0XFTkcsn2CTs-7wquZUeTya8Bg0Znv-hAzrfAeaoqNhlpBVdF41sPTB2veuLH7U2f3bg6QLrYX7M-Xgr3GMWYj0o_Qx19_wBzTbHhJZFAdBKKCHlAQx7nVkAKCsiUd2vHEp336EtiymFRt-RVUbqaoJAOYHX1W4C7SueqTkMqEra-5xQtIMdoDEn7IEuIYhPjSUU1ULdijLSlnLjBnkPy-a5D9gQb7Ek6UoJIQk77V2KfBWtyFLZWX51ga9DFaRUV4JpLYwHRBwwKaXgVQjD_4ogSGjw9R9ACF38zBHmBiuyrgOx2hZlBfOD7FKAPSQOckFercgLIl8mQjV3XNPa7XRtm4WigYv4SnBR5Yp98FnvJ-sG1Ac
Frame ID: DDF06E0E282D21552545B36F2C01EB1B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Frame ID: 607029B6552E949B6B3E0F5DC730CF78
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjChmag2RYLeMApeIlgTdhYW4CsuZkvFh5OCig4YOqbj4vrUaEAEg3K-5LGCVAqABn-fS-QLIAQmpArAvsYRMMrQ-qAMByANIqgTFAU_QJYw2lwE0pCRwmqvRqG5QVQRjDt7jmGCqRvtg-a4-jYDzWV0tmymmzSVm0cjoKYkGIBEr3liOADc2u_y3-rP-89JLeFrJnFs0Nf5OymX1ckAjyGGT1NnszswCG4NmOTP1PlreZ2uevD1wOBG8-L31j2jC_XxPuZxCK61ytSU8nI6bpkfd3gDC1-HNcp2TA6UPvEwxrlfO58mj9cZ_MK31tnrjMOI079dgGfUaQ2ek0xKreQXwyYTRRk99y0bwabV4VlfVwATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQssEE0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk2NjMyNjI2NDI1MjczNjk&sigh=ZQ_j_OZq0ak&template_id=419
Frame ID: 62C166273D9A5305C6E99671B0CE1384
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B73E80DCACBEF78D8C759755F28799EB
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
Frame ID: D023481A581986BE8BC997365776EA0F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7B517A5EF7057AEC2E8DEAC6E4B630C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8B2AEDD27D87A72EBF793432A7DBC5AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

159
Requests

99 %
HTTPS

47 %
IPv6

24
Domains

33
Subdomains

27
IPs

7
Countries

2808 kB
Transfer

4443 kB
Size

4
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sumypost
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_sumy_post
Title:

Search URL Search Domain Scan URL

URL: https://t.me/sumypost
Title:

Search URL Search Domain Scan URL

URL: http://sumbud.sumy.ua/

Search URL Search Domain Scan URL

URL: http://www.sanatorij.com.ua/

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/vodopostachannya-ta-vodovidvedennya-v-shosttsi-zdorozhchaye-majzhe-vdvichi/
Title: Водопостачання та водовідведення в Шостці здорожчає майже вдвічі (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/gluhivchanam-do-uvagy-u-putyvli-urochysto-vidznachat-svyato-chudotvornoyi-molchenskoyi-ikony-bozhoyi-materi/
Title: Глухівчанам до уваги: у Путивлі урочисто відзначать свято чудотворної Молченської ікони Божої Матері (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://romny24.info/uvaga-synoptyky-poperedzhayut-pro-poryvy-vitru-na-sumshhyni/
Title: Увага! Синоптики попереджають про пориви вітру на Сумщині (Ромни 24)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/za-yakymy-adresamy-zavtra-na-gluhivshhyni-bude-vidklyucheno-svitlo/
Title: За якими адресами завтра на Глухівщині буде відключено світло? (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://hlukhiv.info/v-gluhove-obnovlyayut-dorozhnuyu-razmetku/
Title: В Глухове обновляют дорожную разметку (Глухів.INFO)

Search URL Search Domain Scan URL

URL: https://05453.com.ua/vlada-trymaye-na-osobystomu-kontroli-rekonstruktsiyu-sportyvnogo-majdanchyka/
Title: Влада тримає на особистому контролі реконструкцію спортивного майданчика (05453 – Кролевець новини)

Search URL Search Domain Scan URL

URL: https://romny24.info/zhyteliv-sumshhyny-poperedzhayut-pro-nadzvychajnyj-riven-pozhezhnoyi-nebezpeky/
Title: Жителів Сумщини попереджають про надзвичайний рівень пожежної небезпеки та заморозки (Ромни 24)

Search URL Search Domain Scan URL

URL: https://shostka.info/shostkanews/shostkynska-gromada-hto-zavtra-bude-bez-svitla/
Title: Шосткинська громада: хто завтра буде без світла? (Шостка.ИНФО)

Search URL Search Domain Scan URL

URL: https://romny24.info/na-sumshhyni-60-novyh-vypadkiv-koronavirusu-i-4-smerti/
Title: На Сумщині 60 нових випадків коронавірусу і 4 смерті (Ромни 24)

Search URL Search Domain Scan URL

URL: https://05453.com.ua/na-krolevechchyni-synoptyky-prognozuyut-zamorozky/
Title: На Кролевеччині синоптики прогнозують заморозки (05453 – Кролевець новини)

Search URL Search Domain Scan URL

URL: https://romny24.info/u-vyhidni-dni-na-sumshhyni-bulo-vyyavleno-boyeprypasy-chasiv-drugoyi-svitovoyi-vijny/
Title: У вихідні дні на Сумщині було виявлено боєприпаси часів Другої світової війни (Ромни 24)

Search URL Search Domain Scan URL

URL: https://educationchildrenmakarenko.sumypost.com/
Title: Центр розвитку

Search URL Search Domain Scan URL

URL: https://aquamarine.sumypost.com/
Title: Агентство по туризму и трудоустройству за границей “Аквамарин”

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://mycounter.ua/

Search URL Search Domain Scan URL

URL: https://viber.com/sumy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 125

https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620118888%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620118888737%26bpp%3D2%26bdt%3D1260%26idt%3D2%26shv%3Dr20210429%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C312x250%26correlator%3D7634100935257%26frm%3D20%26pv%3D1%26ga_vid%3D2028455744.1620118889%26ga_sid%3D1620118889%26ga_hid%3D721507080%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D3%26pvsid%3D3458518872206284%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3D1COJS06atC%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D45&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsumypost.com&random=4015481284384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620118888%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620118888737%26bpp%3D2%26bdt%3D1260%26idt%3D2%26shv%3Dr20210429%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C312x250%26correlator%3D7634100935257%26frm%3D20%26pv%3D1%26ga_vid%3D2028455744.1620118889%26ga_sid%3D1620118889%26ga_hid%3D721507080%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D3%26pvsid%3D3458518872206284%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3D1COJS06atC%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D45&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsumypost.com&random=4015481284384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 130

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=29481100074732902179199011584022&pv=0 HTTP 302
https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif

Request Chain 135

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJrltTIizaEwC80Jh22vN-jRJd-Zb3Dzn0fWH4wvh-lfp3EW-Lp_PbZY7Q6_-nVW-A1ejM0qLEYGyv7S_rsxnf3RZyclIPd&google_gid=CAESEE6Z2fso1EsoyS0IgtMbZEM&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO2axIQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVKcmx0VElpemFFd0M4MEpoMjJ2Ti1qUkpkLVpiM0R6bjBmV0g0d3ZoLWxmcDNFVy1McF9QYlpZN1E2Xy1uVlctQTFlak0wcUxFWUd5djdTX3JzeG5mM1JaeWNsSVBk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXM4NGQ2OGxUU0VyNEhCdkFSNTZGc3hfYzUxUW5ySFZjeWx5RjRLdkZPSQ==&google_push

Request Chain 136

https://rtb.openx.net/sync/dds?google_gid=CAESEN-XoSZrvUce_uwWkxUSyP8&google_cver=1&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEN-XoSZrvUce_uwWkxUSyP8&google_cver=1&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&google_hm=kNq-BebFxp8HBnRZgCYniA==

Request Chain 137

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBTa3ZH9Q0STAOQfCY76z5Q&google_cver=1&google_push=AQvitUIvFB-l_6GwfFvkEb1QJcobai4ELFO0eiLMB9zcOY4e3tl3m6uWdP2eruB7rtonWXAEkMtqy5K209HesxidUunA-DkLKeSD HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBTa3ZH9Q0STAOQfCY76z5Q&google_cver=1&google_push=AQvitUIvFB-l_6GwfFvkEb1QJcobai4ELFO0eiLMB9zcOY4e3tl3m6uWdP2eruB7rtonWXAEkMtqy5K209HesxidUunA-DkLKeSD&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TzKs-I-cS_6GDcfZ6yLLwQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvFB-l_6GwfFvkEb1QJcobai4ELFO0eiLMB9zcOY4e3tl3m6uWdP2eruB7rtonWXAEkMtqy5K209HesxidUunA-DkLKeSD

Request Chain 138

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIK6GZcVOLfTrcIlYMfe42E&google_cver=1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZR3yPMmXx4s-MGGtrhUNsaSu-- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S085U1lKNFItUi0xWEU1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZR3yPMmXx4s-MGGtrhUNsaSu--

Request Chain 139

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31VqmC4WecjU6feTAgRVNMMWmScUzcrnb40mDtcen7CQqpQV_CbczvgR0no5Zybv2elj HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31VqmC4WecjU6feTAgRVNMMWmScUzcrnb40mDtcen7CQqpQV_CbczvgR0no5Zybv2elj&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJENbUhoWVxGbJex8zQEsQAABE4AAAAB&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31VqmC4WecjU6feTAgRVNMMWmScUzcrnb40mDtcen7CQqpQV_CbczvgR0no5Zybv2elj

Request Chain 140

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBPUuwCllhgjbuXUjecmKsY&google_cver=1&google_push=AQvitUJaTc-dOwQQWCrfQeiAnyCoDCNFufVX_KrEhTeiN9LfNU13ZrRKeAIzmbh7BCC3Mb4qeeSlwICBROXBjVdVjNTIDrcetzawQg HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJaTc-dOwQQWCrfQeiAnyCoDCNFufVX_KrEhTeiN9LfNU13ZrRKeAIzmbh7BCC3Mb4qeeSlwICBROXBjVdVjNTIDrcetzawQg&google_hm=1acojboblrrreffnlxkvshnovsla

159 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sumypost.com/ 107 KB
25 KB 306ms
115ms Document
text/html 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b68cfb96f2bed12acf01f82c07442739f55ccea9421beae3bff3b05dad930979

Request headers

:method: GET
:authority: sumypost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 04 May 2021 09:01:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
wp-super-cache: Served supercache file from PHP
x-ray: p15931:0.058/wn688:0.020/wal688:D=19794
x-page-speed: on
cache-control: max-age=0, no-cache
content-encoding: gzip

GET
H2 200 style.min.css
sumypost.com/wp-content/themes/portal-base/css/ 74 KB
17 KB 97ms
96ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d85112d14c6fac3e461e6c2aafcf58316e996a380ad30215777cd8760521673b

Request headers

:path: /wp-content/themes/portal-base/css/style.min.css?ver=1562154777
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
content-encoding: gzip
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: W/"5d1c9719-126d2"
content-type: text/css
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:27 GMT
expires: Tue, 11 May 2021 09:01:27 GMT

GET
H2 200 A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
sumypost.com/wp-includes/css/ 46 KB
28 KB 210ms
209ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes/css/A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58

Request headers

:path: /wp-includes/css/A.dashicons.min.css,qver=5.2.2.pagespeed.cf.Zfe6btZDbd.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.000/p15931:0.001/wn688:0.000/
content-encoding: gzip
x-original-content-length: 47558
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 08:41:03 GMT
accept-ranges: bytes
content-length: 28413
expires: Wed, 04 May 2022 08:41:03 GMT

GET
H2 200 A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
sumypost.com/wp-content/plugins/theme-my-login/ 3 KB
1 KB 209ms
208ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/theme-my-login/A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: edfe76acca4890e0a8208bebc32efce37ad25ac68518fef50db520474294bcbf

Request headers

:path: /wp-content/plugins/theme-my-login/A.theme-my-login.css,qver=6.4.10.pagespeed.cf.d-6qikEmxN.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.000/p15931:0.010/wn688:0.000/
content-encoding: gzip
x-original-content-length: 3447
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 08:41:03 GMT
accept-ranges: bytes
content-length: 917
expires: Wed, 04 May 2022 08:41:03 GMT

GET
H2 200 A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
sumypost.com/wp-content/plugins/contact-form-7/includes/css/ 1 KB
888 B 209ms
208ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/contact-form-7/includes/css/A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 441783bfcddf048111ca318b61c3e1441c4e78c6803ec8ebd4d991d7163a54e0

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/A.styles.css,qver=4.7.pagespeed.cf.NtrTkKmVrV.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.000/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 1606
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 08:41:03 GMT
accept-ranges: bytes
content-length: 595
expires: Wed, 04 May 2022 08:41:03 GMT

GET
H2 200 style.min.css
sumypost.com/wp-content/themes/pt-sumy/css/ 4 KB
2 KB 209ms
208ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/pt-sumy/css/style.min.css?ver=2.3
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d21022fedae715e019b0827c3923e0a92f750b2ea36b249933632a921b1e8d2e

Request headers

:path: /wp-content/themes/pt-sumy/css/style.min.css?ver=2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
content-encoding: gzip
last-modified: Mon, 22 Apr 2019 07:06:25 GMT
server: nginx
etag: W/"5cbd67f1-f76"
content-type: text/css
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:27 GMT
expires: Tue, 11 May 2021 09:01:27 GMT

GET
H2 200 A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
sumypost.com/wp-content/themes/portal-base/css/ 30 KB
7 KB 209ms
208ms Stylesheet
text/css 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 68f11ecbc8e56ff531e130db65cf00ab6a81b1706cf2aa3eaffee237b8b8e9c9

Request headers

:path: /wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.010/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 31000
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 08:41:03 GMT
accept-ranges: bytes
content-length: 6823
expires: Wed, 04 May 2022 08:41:03 GMT

GET
H2 200 jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js Show response
sumypost.com/wp-includes/js/jquery/ 95 KB
33 KB 208ms
207ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

:path: /wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.000/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 96873
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 02:45:18 GMT
accept-ranges: bytes
content-length: 33683
expires: Wed, 04 May 2022 02:45:18 GMT

GET
H2 200 wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_... Show response
sumypost.com/ 35 KB
12 KB 208ms
207ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_load_ajax.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_sticky-kit.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_jquery-ias.min.js,qver==1.0.pagespeed.jc.x5bImhIP3A.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01c87d6dbb55518c114e983b3d4a8631072905893a45cffc9afd68db8b5fd180

Request headers

:path: /wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.4.1+wp-content,_themes,_portal-base,_js,_loadmore.min.js,qver==1.0+wp-content,_themes,_portal-base,_js,_return.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_load_ajax.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_sticky-kit.min.js,qver==5.2.2+wp-content,_themes,_portal-base,_js,_jquery-ias.min.js,qver==1.0.pagespeed.jc.x5bImhIP3A.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.010/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 35137
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:27 GMT
last-modified: Tue, 04 May 2021 02:45:18 GMT
accept-ranges: bytes
content-length: 12135
expires: Wed, 04 May 2022 02:45:18 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
775 B 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=uk&ver=5.2.2

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39c6b27bf26876c9b27d32cd1741577dfc79b5545beb6b8616f3b9cea0f2b0e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-xss-protection: 1; mode=block
expires: Tue, 04 May 2021 09:01:27 GMT

GET
H2 200 name_u.png
sumypost.com/wp-content/themes/pt-sumy/img/ 3 KB
3 KB 65ms
61ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/pt-sumy/img/name_u.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b67c782b336105a0cf78c06d5ee73c1a14c38062d06ef3d31beeb5b9ea624024

Request headers

:path: /wp-content/themes/pt-sumy/img/name_u.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
last-modified: Mon, 22 Apr 2019 07:06:28 GMT
server: nginx
etag: "5cbd67f4-bb5"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 2997
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 1.JiBnMqyl6S.gif
sumypost.com/pagespeed_static/ 53 B
266 B 64ms
61ms Image
image/gif 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sumypost.com/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),

Reverse DNS

Software

nginx /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /pagespeed_static/1.JiBnMqyl6S.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 09:01:28 GMT
server: nginx
date: Tue, 04 May 2021 09:01:28 GMT
content-type: image/gif
cache-control: max-age=604800
etag: W/"0"
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:01:28 GMT

GET
H2 200 forward-100.png
sumypost.com/wp-content/themes/portal-base/img/ 282 B
498 B 114ms
113ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/forward-100.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8cadae5225b49124780184bf43516e483ac517c05151c872fd9dd6bb5d459afd

Request headers

:path: /wp-content/themes/portal-base/img/forward-100.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-11a"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 282
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H/1.1 200
OK counter2.0.js Show response
get.mycounter.ua/ 4 KB
4 KB 145ms
44ms Script
application/javascript 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.mycounter.ua/counter2.0.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: nginx/1.14.2 /
Resource Hash: 266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:28 GMT
Last-Modified: Mon, 11 Jan 2021 22:30:07 GMT
Server: nginx/1.14.2
ETag: "5ffcd16f-e45"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3653
Expires: Tue, 04 May 2021 10:01:28 GMT

GET
H2 200 flexmenu.min.js Show response
sumypost.com/wp-content/themes/portal-base/js/ 2 KB
1 KB 61ms
58ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/js/flexmenu.min.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 268d4ee9f8e316f07f185acd7b3ce896ae73437a8aceb8e516fad7c1b405e72b

Request headers

:path: /wp-content/themes/portal-base/js/flexmenu.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
content-encoding: gzip
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: W/"5d1c9719-8dd"
content-type: application/javascript
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 footer_sc.min.js Show response
sumypost.com/wp-content/themes/portal-base/js/ 2 KB
2 KB 64ms
60ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/js/footer_sc.min.js?ver=1562154777
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2fc4cc1bfc175be0c3a822a4fa2c3dfe2b83c900b80171deca4441ff5a5769a5

Request headers

:path: /wp-content/themes/portal-base/js/footer_sc.min.js?ver=1562154777
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-620"
content-type: application/javascript
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 1568
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js Show response
sumypost.com/wp-content/plugins/contact-form-7/includes/js/ 15 KB
6 KB 120ms
116ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e46813172e9fa6ada136f50d2bea0b539e249f3e14b537447b61c43076dee74

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.001/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 15248
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:28 GMT
last-modified: Tue, 04 May 2021 05:10:04 GMT
accept-ranges: bytes
content-length: 5657
expires: Wed, 04 May 2022 05:10:04 GMT

GET
H2 200 wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js Show response
sumypost.com/ 12 KB
4 KB 66ms
62ms Script
application/javascript 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a7dff3d19d46ecb27a23dbb25eb379ad20b6107122a629613b299a3a9997700f

Request headers

:path: /wp-content,_plugins,_contact-form-7,_includes,_js,_scripts.js,qver==4.7+wp-includes,_js,_wp-embed.min.js,qver==5.2.2.pagespeed.jc.dvJCbrEd1J.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-page-speed: on
x-ray: p15931:0.001/p15931:0.000/wn688:0.000/
content-encoding: gzip
x-original-content-length: 15079
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Tue, 04 May 2021 09:01:28 GMT
last-modified: Tue, 04 May 2021 05:17:26 GMT
accept-ranges: bytes
content-length: 3873
expires: Wed, 04 May 2022 05:17:26 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ 368 KB
135 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=uk&ver=5.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

734507a7c6a1964d63ca6502f2310a8cad206f0f7c78100ed323dfee81d0bd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sumypost.com
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 19:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48291
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137723
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 19:36:37 GMT

GET
H2 200 fontawesome-webfont.woff2
sumypost.com/wp-content/themes/portal-base/fonts/ 75 KB
76 KB 162ms
161ms Font
font/woff2 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/portal-base/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/A.font-awesome.min.css,qver=5.2.2.pagespeed.cf.jBrWCt-D4j.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-12d68"
content-type: font/woff2
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 77160
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 roboto.woff
sumypost.com/wp-content/themes/portal-base/fonts/roboto/ 25 KB
26 KB 103ms
103ms Font
font/woff 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/roboto/roboto.woff
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 230226211b6fa75f73a7257ef16ffa5904523b30e32e7aae949790ae288a4dc0

Request headers

:path: /wp-content/themes/portal-base/fonts/roboto/roboto.woff
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-65f8"
content-type: font/woff
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 26104
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 ptserif.woff2
sumypost.com/wp-content/themes/portal-base/fonts/ptserif/ 31 KB
31 KB 159ms
158ms Font
font/woff2 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/ptserif/ptserif.woff2
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 91b3409ecfc085b8c41bda8854235cbbd2c67286f2a650f92f2ed0979914e23b

Request headers

:path: /wp-content/themes/portal-base/fonts/ptserif/ptserif.woff2
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.001/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-7adc"
content-type: font/woff2
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 31452
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 robotobold.woff
sumypost.com/wp-content/themes/portal-base/fonts/roboto/ 24 KB
24 KB 157ms
157ms Font
font/woff 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sumypost.com/wp-content/themes/portal-base/fonts/roboto/robotobold.woff
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ebf244a66931bb750c0eed9f5d90f7708abdadc364bbef7df8a4049c0a26c2b4

Request headers

:path: /wp-content/themes/portal-base/fonts/roboto/robotobold.woff
pragma: no-cache
origin: https://sumypost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://sumypost.com
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-6094"
content-type: font/woff
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 24724
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H/1.1 200
OK habar3-315x247.jpg
pm-image.com/sumypostcom/wp-content/uploads/2018/01/ 12 KB
12 KB 199ms
36ms Image
image/jpeg 195.16.88.9
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm-image.com/sumypostcom/wp-content/uploads/2018/01/habar3-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.16.88.9 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr47.hostlife.net
Software: Apache/2 /
Resource Hash: b0678ccc3094a26b167cf82fd0b0d2fa62b2b59a435a4bf9b19a7febac3e01ec

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:28 GMT
Last-Modified: Thu, 02 May 2019 12:31:56 GMT
Server: Apache/2
ETag: "308c-587e6d1dd022b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 12428

GET
H2 200 182198526_3754103024712250_7566537216158217004_n-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 18 KB
18 KB 185ms
185ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/182198526_3754103024712250_7566537216158217004_n-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 407e890165b2142c21727e836edfde16f15bb88f568f1e47fd392c982d890d34

Request headers

:path: /wp-content/uploads/2021/05/182198526_3754103024712250_7566537216158217004_n-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Tue, 04 May 2021 08:34:21 GMT
server: nginx
etag: "6091070d-4742"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 18242
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 IMG_20201110_091551_939-980x599-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 15 KB
15 KB 184ms
183ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/IMG_20201110_091551_939-980x599-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 30e90a20f65d85a41c4065fe4ee6ca85701d82ca30eb96b30e994c79e6fd74cb

Request headers

:path: /wp-content/uploads/2021/05/IMG_20201110_091551_939-980x599-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Sun, 02 May 2021 06:26:59 GMT
server: nginx
etag: "608e4633-3b53"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 15187
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 e26c2dfce6d94f91-315x247.jpg
sumypost.com/wp-content/uploads/2021/04/ 16 KB
16 KB 190ms
190ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/04/e26c2dfce6d94f91-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cb8395cdd55a97aea2d5d34a5c453a5e098f7250c3846a42e5a1301c4b5514b5

Request headers

:path: /wp-content/uploads/2021/04/e26c2dfce6d94f91-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Wed, 28 Apr 2021 17:05:36 GMT
server: nginx
etag: "608995e0-3e1e"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 15902
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9663262642527369&plah=sumypost.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 09:01:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 1F9E 10 KB
5 KB 43ms
11ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 02:53:05 GMT
expires: Tue, 18 May 2021 02:53:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 22103
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sanatorium-sb-2m.gif
sumypost.com/media/ 173 KB
173 KB 220ms
219ms Image
image/gif 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/media/sanatorium-sb-2m.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 999cde936420491d96d2213f62f5b14d7fd930102980566ba4c43abba331393f

Request headers

:path: /media/sanatorium-sb-2m.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Fri, 30 Apr 2021 18:41:05 GMT
server: nginx
etag: "608c4f41-2b427"
content-type: image/gif
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 177191
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 ua_312x180.jpg
sumypost.com/wp-content/themes/PortalTown/img/ 9 KB
9 KB 212ms
212ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/PortalTown/img/ua_312x180.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d179df34c1ba991ee5d52b240df6d74b9542da5c8c26c4964f9e4cfe0c1f43b8

Request headers

:path: /wp-content/themes/PortalTown/img/ua_312x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Sat, 09 Mar 2019 21:20:08 GMT
server: nginx
etag: "5c842e08-227f"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 8831
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 11cdb0c5719af9bf49259fab5eb14dd4_L.jpg
sumypost.com/wp-content/uploads/2021/03/ 209 KB
209 KB 200ms
200ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/11cdb0c5719af9bf49259fab5eb14dd4_L.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 056cb6fb8f182c6525d8d683c754d037afbbec05336674466b55c088637893e8

Request headers

:path: /wp-content/uploads/2021/03/11cdb0c5719af9bf49259fab5eb14dd4_L.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 15 Mar 2021 08:38:59 GMT
server: nginx
etag: "604f1d23-343f0"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 214000
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 m-cat-item.png
sumypost.com/wp-content/themes/portal-base/img/ 5 KB
6 KB 233ms
232ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/m-cat-item.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4f3e758eee93b746eb32f72127664b6bb6de1465f28eb6d32600ab2b3071c500

Request headers

:path: /wp-content/themes/portal-base/img/m-cat-item.png
pragma: no-cache
cookie: b=b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-1598"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 5528
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 photo_2021-03-12_09-54-42.jpg
sumypost.com/wp-content/uploads/2021/03/ 107 KB
108 KB 287ms
287ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/photo_2021-03-12_09-54-42.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7ecf284e717e15fb163e7c0bd1a0c014dfee68c084f86dbc6399db492e08af37

Request headers

:path: /wp-content/uploads/2021/03/photo_2021-03-12_09-54-42.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Fri, 12 Mar 2021 07:58:37 GMT
server: nginx
etag: "604b1f2d-1ad6f"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 109935
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 1-52-312x190.jpg
sumypost.com/wp-content/uploads/2020/01/ 15 KB
16 KB 285ms
284ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2020/01/1-52-312x190.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a6ba6fba1112b7017688440cc23b9b440937c1b20a304206cb45b5ab9aecc253

Request headers

:path: /wp-content/uploads/2020/01/1-52-312x190.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Thu, 23 Jan 2020 14:39:10 GMT
server: nginx
etag: "5e29b00e-3d68"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:28 GMT
accept-ranges: bytes
content-length: 15720
expires: Tue, 11 May 2021 09:01:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
640 B 156ms
62ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sumypost.com&callback=_gfp_s_&client=ca-pub-9663262642527369

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9663262642527369&plah=sumypost.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1b23e8807bc0edea369325f915c9d5211d251600462b045e138a227071a6a1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 41ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 43ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AAD1 74 KB
25 KB 629ms
626ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888320&bpp=68&bdt=843&idt=312&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7634100935257&frm=20&pv=2&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3MlhYXtlOf&p=https%3A//sumypost.com&dtd=379

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29b1bccf6c758537a82e38ba5b9e1e064dce368076ec371cc1f477e9e1ea0f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888320&bpp=68&bdt=843&idt=312&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7634100935257&frm=20&pv=2&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3MlhYXtlOf&p=https%3A//sumypost.com&dtd=379
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 09:01:29 GMT
server: cafe
content-length: 24993
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 09:16:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame C95E 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 1BE5 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6241 118 KB
38 KB 618ms
617ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28fb0fd49a226763f1de085ab6e81bc59d8f74e94a4e4bd712da5600dca3506e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLG89ZbVr_ACFZCBhQodaSMIBw&gqi=aA2RYJP0M8mF9fgPraKCwAY&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLG89ZbVr_ACFZCBhQodaSMIBw&gqi=aA2RYJP0M8mF9fgPraKCwAY&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 09:01:29 GMT
server: cafe
content-length: 38300
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 09:16:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:29 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 323ms
84ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16935761&s16936220&t0&c1&n68677&w0&y0&d24&r1600
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: d284077f47e9d30edbdf7caa8b229ac10c08150562c4be18909b5b92d6c772fe

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:01:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 765 B
988 B 63ms
62ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164155&w=https%3A//sumypost.com/&s=1600x1200x24&c=1&j=7&gmt=1&dst=1
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 991dbd5b6ac97b00a785c28887be53b4370ffb7a195f32b815a70cbdf5543f6a

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 12:01:29 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 765
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4854
date: Tue, 04 May 2021 07:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 09:40:35 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 879ms
68ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:30 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Fri, 07 May 2021 09:01:30 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 878ms
69ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:30 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Fri, 07 May 2021 09:01:30 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 877ms
69ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:30 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Fri, 07 May 2021 09:01:30 GMT

GET
H2 200 viber_new.png
sumypost.com/wp-content/themes/portal-base/img/ 7 KB
7 KB 233ms
229ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/themes/portal-base/img/viber_new.png
Requested by: Host: sumypost.com
URL: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4576f04bf8fb6939c33c742d6fa0add87f69badbc5947a022d60514813fa92b2

Request headers

:path: /wp-content/themes/portal-base/img/viber_new.png
pragma: no-cache
cookie: b=b; __gads=ID=d524de9565a73cab-2266843cc5c7008a:T=1620118888:RT=1620118888:S=ALNI_MYLZtTdDLs9bBmcd8G7odd_sDhQ3Q; s=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/wp-content/themes/portal-base/css/style.min.css?ver=1562154777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Wed, 03 Jul 2019 11:52:57 GMT
server: nginx
etag: "5d1c9719-1a50"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:29 GMT
accept-ranges: bytes
content-length: 6736
expires: Tue, 11 May 2021 09:01:29 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA1E 122 KB
40 KB 541ms
526ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15

Requested by

Host: sumypost.com
URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd2a55446b7da7fc6b49d8d5a013bec4ce7294d4bcbacd618aff7854232985db

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfpvJfVr_ACFReEhQod3UIBpw&gqi=ag2RYL-6AZaylgS-i5nYCw&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfpvJfVr_ACFReEhQod3UIBpw&gqi=ag2RYL-6AZaylgS-i5nYCw&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 09:01:30 GMT
server: cafe
content-length: 40802
x-xss-protection: 0
set-cookie: IDE=AHWqTUm8XtrrJfdZNwESGRBho34dPJPBhcJFuWWGVpz2VqD9UO4LeJC_j8gaSCg1v2E; expires=Sun, 29-May-2022 09:01:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:30 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4548 17 KB
8 KB 606ms
591ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Requested by

Host: sumypost.com
URL: https://sumypost.com/wp-includes/js/jquery/jquery.js,qver=1.12.4-wp.pagespeed.jm.gp20iU5FlU.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bce1ee2df74787fb7017a6a86cc0fa1a90a1301b465763d31ae517d3b07e323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 09:01:30 GMT
server: cafe
content-length: 7759
x-xss-protection: 0
set-cookie: IDE=AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc; expires=Sun, 29-May-2022 09:01:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:30 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sumypost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF42 0
20 B 37ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1620118889&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118889304&bpp=1&bdt=1827&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd524de9565a73cab-2266843cc5c7008a%3AT%3D1620118888%3ART%3D1620118888%3AS%3DALNI_MYLZtTdDLs9bBmcd8G7odd_sDhQ3Q&prev_fmts=644x280%2C312x250%2C312x250%2C644x280&nras=1&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9663262642527369&output=html&adk=1812271804&adf=3025194257&lmt=1620118889&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsumypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118889304&bpp=1&bdt=1827&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd524de9565a73cab-2266843cc5c7008a%3AT%3D1620118888%3ART%3D1620118888%3AS%3DALNI_MYLZtTdDLs9bBmcd8G7odd_sDhQ3Q&prev_fmts=644x280%2C312x250%2C312x250%2C644x280&nras=1&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:01:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkqJKQ-moWim8K2I9nYM3ajnlTJTZVAhhl_arYrz9_y6e1J9kMKyhmh1dlJ; expires=Sun, 29-May-2022 09:01:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:30 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 39ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=721507080&t=pageview&_s=1&dl=https%3A%2F%2Fsumypost.com%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A1%D1%83%D0%BC%20-%20The%20Sumy%20Post%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%7C%20The%20Sumy%20Post%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1061721180&gjid=1532123177&cid=2028455744.1620118889&tid=UA-55063711-1&_gid=1947835658.1620118890&_r=1&_slc=1&z=1922791051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sumypost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AAD1 3 KB
674 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888320&bpp=68&bdt=843&idt=312&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7634100935257&frm=20&pv=2&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3MlhYXtlOf&p=https%3A//sumypost.com&dtd=379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 07:16:04 GMT
server: ESF
date: Tue, 04 May 2021 09:01:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 09:01:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AAD1 1 KB
988 B 74ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:01:23 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame AAD1 17 KB
7 KB 74ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 08:58:42 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AAD1 2 KB
1 KB 64ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:00:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAD1 116 KB
35 KB 65ms
31ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AAD1 13 KB
6 KB 47ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:01:14 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame AAD1 25 KB
10 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 154282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Sat, 31 Jul 2021 14:10:08 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 6241 67 B
196 B 64ms
25ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 26967
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 05 May 2021 01:32:03 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12551950111040694866/ Frame AAD1 9 KB
10 KB 53ms
26ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12551950111040694866/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

473681f8a3838c51c275a4a05671e8b01b1c7cc0f1476d6e675997e7c4626c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:42:28 GMT
x-content-type-options: nosniff
age: 379142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9638
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 09:31:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 23:42:28 GMT

GET
DATA 200
OK truncated
/ Frame AAD1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AAD1 0
0 87ms
74ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvorZaA2RYOe1LMWM-wbfrYeQBoz_qNdhybyu8LcM-KvisdQaEAEg3K-5LGCVAqABs-i0kwPIAQmpAtZLWuYxppQ-qAMByAPLBKoExAFP0DeeScNAHVwwf04yU2BlIZdhBi3mwoRRQxgBiyV29L193bdPH-FArspZ_K8Fn4RPn64gQoL_M-uUkk6XOSK-_VelsQ6q1SvhKjcK8kb6fG0VO6pAZYIgdTsxqueOo5z7G5zLXwJMQ7zxyZxrt5d54gXXK8YcDQBrk4StqdOXkCl6h5yBU6kafpVTT9rnxb_FqaNaZbYXvOubv5NpOzOuoFMMS80EAu5QNKdbPbtxnJxWMKCoyEfqAEGWFOfMGXgTGOiIwASh9bjb_AKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtZfLbKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDNzRPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQB0BUBgBcBshcaChgIABIUcHViLTk2NjMyNjI2NDI1MjczNjk&sigh=bt-814gz3tA&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=2706803759&adk=1686960007&adf=1637403657&pi=t.ma~as.2706803759&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888320&bpp=68&bdt=843&idt=312&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7634100935257&frm=20&pv=2&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=3MlhYXtlOf&p=https%3A//sumypost.com&dtd=379
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 09:01:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 92ms
26ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-55063711-1&cid=2028455744.1620118889&jid=1061721180&gjid=1532123177&_gid=1947835658.1620118890&_u=IAhAAEAAAAAAAC~&z=620292481

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 09:01:30 GMT
content-type: text/plain
access-control-allow-origin: https://sumypost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 62 KB
16 KB 66ms
29ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11575576717432054682/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 02 May 2021 06:16:58 GMT
expires: Mon, 02 May 2022 06:16:58 GMT
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 16673
age: 182672
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 68A4 0
0 70ms
42ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbxSHaA2RYLHoNJCDlgTpxqA4y5mS8WHk4KKDhg6f1ZjP2hkQASDcr7ksYJUCoAGf59L5AsgBCakCsC-xhEwytD6oAwHIA0iqBMsBT9BC71Tvr_J1kO453tqHkrm1yvbwgFAwEcaF1CyoZX8jENlDmlgjKF3KHcV0fcqd0gnCZa0jxT63bA8-MwWCizKocy1yToU1YqkZYnQwXvOr6Yb_VEiKXAcf8Bwk60U0Y_jsDiDS7S7jG4SFIvXdtbnwpmlzKTdlVsGko7OE_zeBwabBee99Yw4Ix3ibU1Yb6iYoDl0L8_bBEXy2EChDo7uUpnRabCXrenfwGKPHfWa8X_OHgUH8sG7k2EAnyOpI3LmgujKwYr0WIWXABNfx7rWwA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJmK2GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDHuAnSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTY2MzI2MjY0MjUyNzM2OQ&sigh=C1aSM2-48-o&template_id=419

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 09:01:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 68A4 17 KB
7 KB 41ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 08:58:42 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 68A4 2 KB
1 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:00:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68A4 116 KB
35 KB 43ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 68A4 13 KB
6 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:01:14 GMT

GET
DATA 200
OK truncated
/ Frame AAD1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef14d630ab1e5bb9b4a5fa9fca09abf749c3dbd4301405fd85b5a2629840b066

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-55063711-1&cid=2028455744.1620118889&jid=1061721180&_u=IAhAAEAAAAAAAC~&z=1713124915

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 49ms
24ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-55063711-1&cid=2028455744.1620118889&jid=1061721180&_u=IAhAAEAAAAAAAC~&z=1713124915

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AAD1 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 458968
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:32:02 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AAD1 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00db7d3373fb5fd2fa2c7f5f7de6a4e90423ee5068404ba02913f6f781150a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:31:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:26 GMT
server: sffe
age: 426601
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10892
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:31:29 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AAD1 21 KB
21 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 458999
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:31:31 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AAD1 11 KB
11 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4c2550b07d12bba335752254860f12b44388f449397b9e6e85a8e3f9ed7a6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:44:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 407849
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10928
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:44:01 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E1C 143 B
163 B 39ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=280&slotname=7596210885&adk=2638584320&adf=3686550895&pi=t.ma~as.7596210885&w=644&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=644x280&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888395&bpp=4&bdt=918&idt=406&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=146&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=YXIK2BdwuF&p=https%3A//sumypost.com&dtd=438

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 08:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1932
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 68A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd44729be14dd0f8fa9be974e1a164fd6b8b69eba047056e369b84e6a6d46c97

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame AA1E 67 B
91 B 10ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 26968
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 05 May 2021 01:32:03 GMT

GET
H2 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F53 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 3001
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 08:11:30 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DDF0 0
0 46ms
44ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKLIZag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS1AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOdQLvlyU5DzTNG4eQSkWPelZzGABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi05NjYzMjYyNjQyNTI3MzY5&sigh=mMeUeplPBpk&tpd=AGWhJms1Kw8uWjZ93FSNXD4_0tKlI8kMVUiE_0EvLHCRconjnTXJ4pqDrgDWsfHUJCiMiJus_GmayETkGBvZy8gy7Lb-2fSdJQBgkX5o3cmM-wZsmDu7ajOvxPZn9GOVuAUV0mkLSEQ2t4XOnE7PucjqaNRmapH8tOx16vyJq6ioOzCjBIBGdCbau0bGdbwCGNIN90gGBxo2sYIxAfgncdiC9uDTGNxsCUBxYqLfmQMh45Aa-YKRW_egGu8nyVcM4RM7RT0ycA8n2YAUADOq7uOz1_SfJTae_I-xRrsMAH7vswWbNJYh_heqyvo29F8QWEZ2Vcesn8jrVMeIHcIu5OVYeKfnHWt3jvG1dup0ddEvxf_o0cLfcQ46K-5quPXoa8WdRWaRfd7zHsfTD0HMvZVoO95hmI1RAdv44Xy94TuQlvU8PrFY8Ziur-DJtBWB6G2ILtEz79SwWxJZE3sWSS7VmHrJkW18P8PCaMhG2Y9Ql7pjlm6JYEab1NbFRXc2eKPOjZGmnKQ3KbJuRsw8MIcw9Q7iuHu3tQHepVCoW51Ff9JQWcRoVwFKMvlYXHmy9HxFchDUayx6puZbgOdL6Kx0Krlcw3hIKdb-nrmc2V9WXH6pEusiJV25oye3McYWJ-t3qv1NA2Ie5p7ym7uaEHPAx3H4X-JlNDRt7E0YKYcA0XFTkcsn2CTs-7wquZUeTya8Bg0Znv-hAzrfAeaoqNhlpBVdF41sPTB2veuLH7U2f3bg6QLrYX7M-Xgr3GMWYj0o_Qx19_wBzTbHhJZFAdBKKCHlAQx7nVkAKCsiUd2vHEp336EtiymFRt-RVUbqaoJAOYHX1W4C7SueqTkMqEra-5xQtIMdoDEn7IEuIYhPjSUU1ULdijLSlnLjBnkPy-a5D9gQb7Ek6UoJIQk77V2KfBWtyFLZWX51ga9DFaRUV4JpLYwHRBwwKaXgVQjD_4ogSGjw9R9ACF38zBHmBiuyrgOx2hZlBfOD7FKAPSQOckFercgLIl8mQjV3XNPa7XRtm4WigYv4SnBR5Yp98FnvJ-sG1Ac

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 09:01:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame DDF0 2 KB
2 KB 944ms
81ms Script
application/x-javascript 185.29.133.199
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdJMk5tTTJNVEl0TldObFpTMWtOVFJsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMDE0MTA3NzQxNjQ1MzM3NzUvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmeXg4WnJHcU9lMi1QaVdwOXhzeWxLay8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzgzODgxNzQ2NTIzNDUxMTU2L3pyaC8wLzE5MS80NS85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDExODg5MC8xNjIwMTMxNDkwLzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/ctVHpJGvXo568JsTovX_bfh4Gz0&nodeid=2635&group=eu&auctionid=7301410774164533775&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%26client%3Dca-pub-9663262642527369%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 04d470dc2e9679f841039cb7c8ca471cee2bea57a9cee8a79184ed0240d7b5cf

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:35 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1620118890
Last-Modified: Tue, 04 May 2021 09:01:30 GMT
Server: MMBD/3.197.0
x-mm-latency: 3 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x82, zrh-bidder-x149
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 04 May 2021 09:01:34 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame DDF0 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:00:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDF0 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame DDF0 13 KB
5 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:01:14 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D6E1 16 KB
6 KB 22ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D6E1 22 KB
9 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 May 2021 23:11:01 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 62 KB
16 KB 12ms
11ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11575576717432054682/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sun, 02 May 2021 06:16:58 GMT
expires: Mon, 02 May 2022 06:16:58 GMT
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 16673
age: 182673
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 62C1 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjChmag2RYLeMApeIlgTdhYW4CsuZkvFh5OCig4YOqbj4vrUaEAEg3K-5LGCVAqABn-fS-QLIAQmpArAvsYRMMrQ-qAMByANIqgTFAU_QJYw2lwE0pCRwmqvRqG5QVQRjDt7jmGCqRvtg-a4-jYDzWV0tmymmzSVm0cjoKYkGIBEr3liOADc2u_y3-rP-89JLeFrJnFs0Nf5OymX1ckAjyGGT1NnszswCG4NmOTP1PlreZ2uevD1wOBG8-L31j2jC_XxPuZxCK61ytSU8nI6bpkfd3gDC1-HNcp2TA6UPvEwxrlfO58mj9cZ_MK31tnrjMOI079dgGfUaQ2ek0xKreQXwyYTRRk99y0bwabV4VlfVwATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQssEE0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk2NjMyNjI2NDI1MjczNjk&sigh=ZQ_j_OZq0ak&template_id=419

Requested by

Host: sumypost.com
URL: https://sumypost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 09:01:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 62C1 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 08:58:42 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 62C1 2 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:00:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62C1 116 KB
35 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 62C1 13 KB
5 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 09:01:14 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 62C1 0
0 51ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6KZrDQgKrHLINwaKHjd9YyR3KMd8wbta23yuomMh2SWEx7f77pe2Gv1od0IkUgzfAEoi93CHQK8NTaqMwWKFjnce-_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 3001
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 08:11:30 GMT

GET
H3-29 200 cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 8 KB
8 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/cta_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
H3-29 200 fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 14 KB
14 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fechas_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13906
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Sun, 02 May 2021 06:16:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 06:16:21 GMT

GET
H3-29 200 experiencia_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 15 KB
15 KB 11ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/experiencia_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387672
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15206
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Thu, 29 Apr 2021 21:20:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 21:20:19 GMT

GET
H3-29 200 summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 16 KB
16 KB 12ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/summercamp_vertical_DE.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16162
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
H3-29 200 fondo300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame D6E1 94 KB
94 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fondo300x250_1.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96133
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
DATA 200
OK truncated
/ Frame D6E1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B73E 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 08:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1933
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6070 16 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6070 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 May 2021 23:11:01 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 62C1 0
20 B 53ms
39ms Other
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfpvJfVr_ACFReEhQod3UIBpw&gqi=ag2RYL-6AZaylgS-i5nYCw&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5E1C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

44ms
42ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:01:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 04-May-2021 10:01:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:01:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 62C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dc50cbbaa80bae4734be5dbb8cf6a3bbd4a760448a1ebff2d8cf91e6689217e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAD1 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYAVeOORXG0-rLDFF1LNzNIOjNWwT7ehZHIFmhDBW9yIz9dC1mpLg91dSSHCv-KiFVGNz_1rt1oNEBJcCKCtY7Hi1d7G_gX8zCLD9iOtwdPYzgOV6rdIv2VAvK8Q&sai=AMfl-YRBMeaWEPgFg8zt34f8NWdjheFhiY45MBKhYeU8eK0VgJ2QEfzASGFjaxqcCFwIN9wPt9wnfFZ7Vnm7&sig=Cg0ArKJSzBvHvPK3QUeNEAE&id=lidar2&mcvt=1203&p=331,146,611,790&mtos=1203,1203,1203,1203,1203&tos=1203,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1686960007&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620118888707&dlt=1297&rpt=232&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK r9d3a58lo9uw Show response
hal9000.redintelligence.net/zone/ Frame DDF0 11 KB
3 KB 507ms
50ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/r9d3a58lo9uw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=7301410774164533775&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 000c1cc4f1a196dee4a13fe7a485f4ba6f161e56cd2c10605010daf689b054cc

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3359
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame DDF0 49 B
330 B 219ms
75ms Image
image/gif 185.29.133.199
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7301410774164533775&node_id=2635&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdJMk5tTTJNVEl0TldObFpTMWtOVFJsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMDE0MTA3NzQxNjQ1MzM3NzUvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmeXg4WnJHcU9lMi1QaVdwOXhzeWxLay8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzgzODgxNzQ2NTIzNDUxMTU2L3pyaC8wLzE5MS80NS85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDExODg5MC8xNjIwMTMxNDkwLzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/ctVHpJGvXo568JsTovX_bfh4Gz0&nodeid=2635&group=eu&auctionid=7301410774164533775&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:35 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x41, zrh-bidder-x149
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 04 May 2021 09:01:34 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame DDF0 43 B
360 B 514ms
72ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7301410774164533775&v3=863182&v4=7324419&v5=8675609&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdJMk5tTTJNVEl0TldObFpTMWtOVFJsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMDE0MTA3NzQxNjQ1MzM3NzUvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmeXg4WnJHcU9lMi1QaVdwOXhzeWxLay8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzgzODgxNzQ2NTIzNDUxMTU2L3pyaC8wLzE5MS80NS85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDExODg5MC8xNjIwMTMxNDkwLzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/ctVHpJGvXo568JsTovX_bfh4Gz0&nodeid=2635&group=eu&auctionid=7301410774164533775&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master zrh-pixel-x12 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:32 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 09:01:35 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame DDF0 49 B
330 B 229ms
80ms Image
image/gif 185.29.133.199
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7301410774164533775&st=7324419&time=1620118892&nodeid=2635
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdJMk5tTTJNVEl0TldObFpTMWtOVFJsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzczMDE0MTA3NzQxNjQ1MzM3NzUvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmeXg4WnJHcU9lMi1QaVdwOXhzeWxLay8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzgzODgxNzQ2NTIzNDUxMTU2L3pyaC8wLzE5MS80NS85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDExODg5MC8xNjIwMTMxNDkwLzQvcHViLTk2NjMyNjI2NDI1MjczNjkv/ctVHpJGvXo568JsTovX_bfh4Gz0&nodeid=2635&group=eu&auctionid=7301410774164533775&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%26client%3Dca-pub-9663262642527369%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.199 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:36 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x77, zrh-bidder-x149
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 04 May 2021 09:01:35 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B73E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

58ms
40ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:01:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 04-May-2021 10:01:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 09:01:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 09:01:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 6070 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 3002
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 08:11:30 GMT

GET
H3-29 200 cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 8 KB
8 KB 10ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/cta_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
H3-29 200 fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 14 KB
14 KB 11ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fechas_vertical_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13906
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Sun, 02 May 2021 06:16:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 06:16:21 GMT

GET
H3-29 200 experiencia_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 15 KB
15 KB 11ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/experiencia_vertical_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15206
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Thu, 29 Apr 2021 21:20:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 21:20:19 GMT

GET
H3-29 200 summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 16 KB
16 KB 16ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/summercamp_vertical_DE.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16162
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
H3-29 200 fondo300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6070 94 KB
94 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fondo300x250_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 557436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96133
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 13:27:08 GMT
server: sffe
date: Tue, 27 Apr 2021 22:10:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 22:10:56 GMT

GET
DATA 200
OK truncated
/ Frame 6070 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame DDF0
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

213ms
118ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620118888%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620118888737%26bpp%3D2%26bdt%3D1260%26idt%3D2%26shv%3Dr20210429%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C312x250%26correlator%3D7634100935257%26frm%3D20%26pv%3D1%26ga_vid%3D2028455744.1620118889%26ga_sid%3D1620118889%26ga_hid%3D721507080%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D3%26pvsid%3D3458518872206284%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3D1COJS06atC%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D45&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsumypost.com&random=4015481284384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 9d077e6243c3057587605d61cf0909f89a74513654ac65dd4b2aa931296eed62

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:01:33 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29481100074732902179199011584022
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 726
Expires: Tue, 04 May 2021 10:01:33 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:01:33 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620118888%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620118888737%26bpp%3D2%26bdt%3D1260%26idt%3D2%26shv%3Dr20210429%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C312x250%26correlator%3D7634100935257%26frm%3D20%26pv%3D1%26ga_vid%3D2028455744.1620118889%26ga_sid%3D1620118889%26ga_hid%3D721507080%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D3%26pvsid%3D3458518872206284%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3D1COJS06atC%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D45&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsumypost.com&random=4015481284384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 04 May 2021 10:01:33 +0200

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame D023 3 KB
2 KB 147ms
47ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=a17b142927&subid=&uid=d80dc6958fda3af4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7301410774164533775%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_cid%3D4aaa6091-0d6c-4101-a06a-9b161ae3edc8%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCYD0lag2RYO6GAsambeqil8ACz4eOm1zAhtmCxgLAjbcBEAEgAGCVAoIBF2NhLXB1Yi05NjYzMjYyNjQyNTI3MzY5yAEJqAMBqgS4AU_QVKM5dgmnBns8Ibv5fHxs4h5KhK13FX3zynbRj52f-kFTzzu-2hU5vOhehol5rUyZ9LNQw7FCRODS-55flBfY-bnEKYYUS0TZiZUwP8mGRaa7ld1CJ1vwo63cGgepTmzFXDSYGj7Dq7MX21M6h8EnI8TzgqKmQVMx84qaB3q0E5IF91g1FtCnxkBl5UpiDR9Kr91ZtEDsjyerdcp7GuH0DOcSLPTg_wBXS1wcMa98GFhVeiV72IKABurHh7CNx7b5pwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_39BUCnxxk7CBoMd8VIW1WQXnB1wA%2526client%253Dca-pub-9663262642527369%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9663262642527369%26output%3Dhtml%26h%3D250%26slotname%3D7596210885%26adk%3D2477841802%26adf%3D3619793251%26pi%3Dt.ma~as.7596210885%26w%3D312%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620118888%26rafmt%3D1%26psa%3D0%26format%3D312x250%26url%3Dhttps%253A%252F%252Fsumypost.com%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620118888737%26bpp%3D2%26bdt%3D1260%26idt%3D2%26shv%3Dr20210429%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D644x280%252C312x250%26correlator%3D7634100935257%26frm%3D20%26pv%3D1%26ga_vid%3D2028455744.1620118889%26ga_sid%3D1620118889%26ga_hid%3D721507080%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1142%26ady%3D3319%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D3%26pvsid%3D3458518872206284%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257ClEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3D1COJS06atC%26p%3Dhttps%253A%2F%2Fsumypost.com%26dtd%3D45&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fsumypost.com&random=4015481284384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 0049ee98fd8fd1540e7201815331502b83397cc1b9d669aab32f8fb342440781

Request headers

Host: hal900022.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=169de7a61812a8d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Tue, 04 May 2021 09:01:33 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 04 May 2021 10:01:33 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1343
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame DDF0 43 B
703 B 184ms
68ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=29481100074732902179199011584022&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:01:33 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B7B5 1 KB
749 B 19ms
11ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 03:14:09 GMT
expires: Wed, 05 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 20844
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DDF0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88fe4e2737cab4367cd2035923830fd66012a04aa7ba1c7beb358a632019a6f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

kl_kis_300x250px.gif
cdn.contentspread.net/24i/advertiser/3839/creativesup/ Frame D023
Redirect Chain

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=29481100074732902179199011584022&pv=0
https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif

36 KB
36 KB

225ms
79ms

Image
image/gif

88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:34 GMT
Last-Modified: Mon, 29 Mar 2021 07:44:26 GMT
Server: nginx
ETag: "6061855a-8f2f"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 36655

Redirect headers

Date: Tue, 04 May 2021 09:01:33 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame D023 0
150 B 163ms
47ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=29481100074732902179199011584022&a=1b05160b&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D023 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame D023 851 B
1 KB 226ms
47ms Script
application/javascript 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=29481100074732902179199011584022&a=0824f05d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:01:33 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 dpixel
cms.quantserve.com/ Frame B7B5 35 B
463 B 84ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN4hQL9ADKKKm1n8bLbhF6g&google_cver=1&google_push=AQvitUKXfMIxo2i2Qhdlpwj-hMF38yCIbbawY_L_kaQ8qRtz3CLBhx-ymCiZo4qWunYa3s-XfZ88606Zb9OOMx44SjTuWwNjdZfC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJrltTIizaEwC80Jh22vN-jRJd-Zb3Dzn0fWH4wvh-lfp3EW-Lp_PbZY7Q6_-nVW-A1ejM0qLEYGyv7S_rsxnf3RZyclIPd&google_gid=CAESEE6Z2fso1EsoyS0IgtMbZEM&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO2axIQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVKcmx0VElpemFFd0M4MEpoMjJ2Ti1qUkpkLVpiM0R6bjBmV0g0d3ZoLWxmcDNFVy1McF9QYlpZN1E2Xy1uVlctQTFlak0wcUxFWUd5djdTX3...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXM4NGQ2OGxUU0VyNEhCdkFSNTZGc3hfYzUxUW5ySFZjeWx5RjRLdkZPSQ==&google_push

170 B
188 B

100ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXM4NGQ2OGxUU0VyNEhCdkFSNTZGc3hfYzUxUW5ySFZjeWx5RjRLdkZPSQ==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXM4NGQ2OGxUU0VyNEhCdkFSNTZGc3hfYzUxUW5ySFZjeWx5RjRLdkZPSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEN-XoSZrvUce_uwWkxUSyP8&google_cver=1&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF
https://rtb.openx.net/sync/dds?google_gid=CAESEN-XoSZrvUce_uwWkxUSyP8&google_cver=1&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&google_hm=kNq-BebFxp8HBnRZgCYniA==

170 B
188 B

95ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&google_hm=kNq-BebFxp8HBnRZgCYniA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:32 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUImvalwO0KjN6XvF1YD_zD62V-GqEVnMvB8-r4RSG2C1qzrkNWUTCWHzF3Z7t9myB0pV4PwppYeTrgANnRPF97tpLQTPYwF&google_hm=kNq-BebFxp8HBnRZgCYniA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 5lmg4hkpd7jjnmvn3no9iu1s23av2lju

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TzKs-I-cS_6GDcfZ6yLLwQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TzKs-I-cS_6GDcfZ6yLLwQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvFB-l_6GwfFvkEb1QJcobai4ELFO0eiLMB9zcOY4e3tl3m6uWdP2eruB7rtonWXAEkMtqy5K209HesxidUunA-DkLKeSD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TzKs-I-cS_6GDcfZ6yLLwQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvFB-l_6GwfFvkEb1QJcobai4ELFO0eiLMB9zcOY4e3tl3m6uWdP2eruB7rtonWXAEkMtqy5K209HesxidUunA-DkLKeSD
Date: Tue, 04 May 2021 09:01:33 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIK6GZcVOLfTrcIlYMfe42E&google_cver=1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S085U1lKNFItUi0xWEU1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZR3yPMmXx4s-MGGtrhUNsaSu--

170 B
188 B

99ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S085U1lKNFItUi0xWEU1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZR3yPMmXx4s-MGGtrhUNsaSu--

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S085U1lKNFItUi0xWEU1&google_push=AQvitUIKf6qPZT2HMFkOoJO_gJANZ-R8paLsKUOeI8mtmHIH44nYgWS5ZHxZuGuxZvAxMoen4XZR3yPMmXx4s-MGGtrhUNsaSu--
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJENbUhoWVxGbJex8zQEsQAABE4AAAAB&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31Vqm...

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJENbUhoWVxGbJex8zQEsQAABE4AAAAB&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31VqmC4WecjU6feTAgRVNMMWmScUzcrnb40mDtcen7CQqpQV_CbczvgR0no5Zybv2elj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:01:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJENbUhoWVxGbJex8zQEsQAABE4AAAAB&google_gid=CAESELacA8dmcOvVDzTumrN4KXk&google_cver=1&google_push=AQvitUJFtzTvBoUqSrKrRM4tlk3rjWSP31VqmC4WecjU6feTAgRVNMMWmScUzcrnb40mDtcen7CQqpQV_CbczvgR0no5Zybv2elj
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 04 May 2021 09:01:33 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B7B5
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBPUuwCllhgjbuXUjecmKsY&google_cver=1&google_push=AQvitUJaTc-dOwQQWCrfQeiA...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJaTc-dOwQQWCrfQeiAnyCoDCNFufVX_KrEhTeiN9LfNU13ZrRKeAIzmbh7BCC3Mb4qeeSlwICBROXBjVdVjNTIDrcetzawQg&google_hm=1acojboblrrreff...

170 B
329 B

52ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJaTc-dOwQQWCrfQeiAnyCoDCNFufVX_KrEhTeiN9LfNU13ZrRKeAIzmbh7BCC3Mb4qeeSlwICBROXBjVdVjNTIDrcetzawQg&google_hm=1acojboblrrreffnlxkvshnovsla

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:33 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJaTc-dOwQQWCrfQeiAnyCoDCNFufVX_KrEhTeiN9LfNU13ZrRKeAIzmbh7BCC3Mb4qeeSlwICBROXBjVdVjNTIDrcetzawQg&google_hm=1acojboblrrreffnlxkvshnovsla
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 03 May 2021 09:01:33 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B7B5 0
236 B 216ms
49ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDypWu1Pz4e8M6bl4KhO2JMRcxl-eINw8pOYFHP6vm0KZBaE3haTIUUh8ErRdh-3rZn89ZWw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 32ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cca1d9ca38e1bdd0792b3ec996aa220271387b7c3551d011a6913088b7ed7030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 09:01:34 GMT

GET
H2 200 sumbud_banner2_478_100.jpg
sumypost.com/media/ 55 KB
55 KB 175ms
134ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/media/sumbud_banner2_478_100.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b7ae06b0bd88fd9b8e74350b431f4321263f35e017b9b463ab8c60eb9563e520

Request headers

:path: /media/sumbud_banner2_478_100.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Tue, 06 Nov 2018 19:44:01 GMT
server: nginx
etag: "5be1ef01-dc13"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 56339
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 news_20210503_103332_1620027212-315x247.jpeg
sumypost.com/wp-content/uploads/2021/05/ 13 KB
14 KB 116ms
76ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/news_20210503_103332_1620027212-315x247.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3d37af3c27451b138110f825897b83728acbd218471a2a2632aabbb37d4a4966

Request headers

:path: /wp-content/uploads/2021/05/news_20210503_103332_1620027212-315x247.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Tue, 04 May 2021 05:24:12 GMT
server: nginx
etag: "6090da7c-35ae"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 13742
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 1-2-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 15 KB
15 KB 288ms
248ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/1-2-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e26c1aa6a8a4066f51003fac6b3e02488111b2a62596c03c5fe619a49149d4b3

Request headers

:path: /wp-content/uploads/2021/05/1-2-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 03 May 2021 18:18:06 GMT
server: nginx
etag: "60903e5e-3ca5"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 15525
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 Manukian.jpg
sumypost.com/wp-content/uploads/2021/05/ 11 KB
11 KB 288ms
248ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/Manukian.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 491f5fad1f4a2eb172decafa70fc472dc76f4f99dd14cb08f317469361531de4

Request headers

:path: /wp-content/uploads/2021/05/Manukian.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 03 May 2021 16:51:54 GMT
server: nginx
etag: "60902a2a-2bc8"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 11208
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 news_20140116_121529_1389867329-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 17 KB
18 KB 288ms
249ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/news_20140116_121529_1389867329-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b262ea7b2baf2d69dd35317cf24a599271cadcc55353ddf038ece277038d18b0

Request headers

:path: /wp-content/uploads/2021/05/news_20140116_121529_1389867329-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 03 May 2021 16:50:24 GMT
server: nginx
etag: "609029d0-4590"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 17808
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 0001-737954565_20210503_145639_0000-315x247.png
sumypost.com/wp-content/uploads/2021/05/ 107 KB
107 KB 286ms
248ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/0001-737954565_20210503_145639_0000-315x247.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 85b6b48b7449ee7b225cad8b58e89f6df4b690ec84b3be8668593d4b6299db50

Request headers

:path: /wp-content/uploads/2021/05/0001-737954565_20210503_145639_0000-315x247.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 03 May 2021 11:57:38 GMT
server: nginx
etag: "608fe532-1abfa"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 109562
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 181092078_4362079567160017_5365284738996650610_n-315x247.png
sumypost.com/wp-content/uploads/2021/05/ 125 KB
125 KB 148ms
142ms Image
image/png 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/181092078_4362079567160017_5365284738996650610_n-315x247.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 11061d8aaaea70308f808d93b81da97a2c9f083ff3859f553a6841830a4a5d8d

Request headers

:path: /wp-content/uploads/2021/05/181092078_4362079567160017_5365284738996650610_n-315x247.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 13:16:03 GMT
server: nginx
etag: "608ff793-1f2f9"
content-type: image/png
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 127737
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 596532da16c1db7ecd78ddddce79044d_L-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 18 KB
18 KB 172ms
169ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/596532da16c1db7ecd78ddddce79044d_L-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a7ae2bc512e73adedcdc0f3d33e6aadbbf9944617d02d785ba1f75efd809eb60

Request headers

:path: /wp-content/uploads/2021/05/596532da16c1db7ecd78ddddce79044d_L-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 13:03:38 GMT
server: nginx
etag: "608ff4aa-485e"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 18526
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 182448094_3751213455001207_7846127029148311504_n-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 24 KB
24 KB 170ms
168ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/182448094_3751213455001207_7846127029148311504_n-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8c02ac48ef903257d2f7337b577937762f327635f709308ed3c03cdff82609e4

Request headers

:path: /wp-content/uploads/2021/05/182448094_3751213455001207_7846127029148311504_n-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 13:00:40 GMT
server: nginx
etag: "608ff3f8-609e"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 24734
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 f8c0b1d0dc57fef8047182b6149ff19c_L-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 23 KB
23 KB 172ms
170ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/f8c0b1d0dc57fef8047182b6149ff19c_L-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 92aa80fc2263cb00822d0db25a3c39391e32c718334b14a9ba605cce844d45df

Request headers

:path: /wp-content/uploads/2021/05/f8c0b1d0dc57fef8047182b6149ff19c_L-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 13:19:14 GMT
server: nginx
etag: "608ff852-5cf4"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 23796
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 jevvqenvushaamacdmnj_th_lnd_xx-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 9 KB
9 KB 171ms
170ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/jevvqenvushaamacdmnj_th_lnd_xx-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 47c8bea433f4705fc4812198e2e713bf760e1aae3aa96cb58148fad7b10842e6

Request headers

:path: /wp-content/uploads/2021/05/jevvqenvushaamacdmnj_th_lnd_xx-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 12:24:31 GMT
server: nginx
etag: "608feb7f-23da"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 9178
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 likarnya-315x247.jpg
sumypost.com/wp-content/uploads/2021/03/ 10 KB
10 KB 173ms
172ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/likarnya-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4f04f3cc7a538e30f5db2e61cc36a098e29f97e6ca3a85c56b93f885c747f387

Request headers

:path: /wp-content/uploads/2021/03/likarnya-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Thu, 11 Mar 2021 11:25:00 GMT
server: nginx
etag: "6049fe0c-2721"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 10017
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 3_main-v1584382427-980x551.jpg.pagespeed.ce_.tKQHygfCWA-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 11 KB
11 KB 110ms
109ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/3_main-v1584382427-980x551.jpg.pagespeed.ce_.tKQHygfCWA-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66e2d6a5b96303b450c5d2141f090aff6f6b8ae27be9345d475fbec600497725

Request headers

:path: /wp-content/uploads/2021/05/3_main-v1584382427-980x551.jpg.pagespeed.ce_.tKQHygfCWA-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.000/wn688:0.000/
last-modified: Mon, 03 May 2021 09:07:55 GMT
server: nginx
etag: "608fbd6b-2c87"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:34 GMT
accept-ranges: bytes
content-length: 11399
expires: Tue, 11 May 2021 09:01:34 GMT

GET
H2 200 204b5d095de8fa17476f9374955fffe3_L-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 18 KB
18 KB 67ms
58ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/204b5d095de8fa17476f9374955fffe3_L-315x247.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3f3f967b6e5dcd21d9543e5c2efdf6c075a729a3113f8aed3eb41a727d989cd

Request headers

:path: /wp-content/uploads/2021/05/204b5d095de8fa17476f9374955fffe3_L-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 03 May 2021 08:09:33 GMT
server: nginx
etag: "608fafbd-48e2"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 18658
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H2 200 IMG_20201110_091551_939-980x599-315x247.jpg
sumypost.com/wp-content/uploads/2021/05/ 15 KB
15 KB 68ms
59ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/05/IMG_20201110_091551_939-980x599-315x247.jpg
Requested by: Host: sumypost.com
URL: https://sumypost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 30e90a20f65d85a41c4065fe4ee6ca85701d82ca30eb96b30e994c79e6fd74cb

Request headers

:path: /wp-content/uploads/2021/05/IMG_20201110_091551_939-980x599-315x247.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Sun, 02 May 2021 06:26:59 GMT
server: nginx
etag: "608e4633-3b53"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 15187
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H2 200 e40c7cc0570d68438767e8d118402df7_L.jpg
sumypost.com/wp-content/uploads/2021/03/ 133 KB
133 KB 187ms
178ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/e40c7cc0570d68438767e8d118402df7_L.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9a87feda1cf03e06dd3f743a46d37f5ac981fd745aa14d4c6b171dabac0db237

Request headers

:path: /wp-content/uploads/2021/03/e40c7cc0570d68438767e8d118402df7_L.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Mon, 22 Mar 2021 07:43:43 GMT
server: nginx
etag: "60584aaf-212e3"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 135907
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H2 200 1-35-312x380.jpg
sumypost.com/wp-content/uploads/2021/03/ 21 KB
22 KB 69ms
59ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/1-35-312x380.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ca7f6a75f8da2e497c0448e9cabc0f2175efe0d0738bdcecca679308e0e4968b

Request headers

:path: /wp-content/uploads/2021/03/1-35-312x380.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Sat, 13 Mar 2021 11:54:20 GMT
server: nginx
etag: "604ca7ec-551d"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 21789
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H2 200 photo_2021-03-03_12-20-45-1.jpg
sumypost.com/wp-content/uploads/2021/03/ 85 KB
86 KB 179ms
178ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2021/03/photo_2021-03-03_12-20-45-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9221cec7c481944705c959106c1f1ca527693c076209b5070c99338f465a291f

Request headers

:path: /wp-content/uploads/2021/03/photo_2021-03-03_12-20-45-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Wed, 03 Mar 2021 10:29:01 GMT
server: nginx
etag: "603f64ed-15582"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 87426
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H2 200 01.jpg
sumypost.com/wp-content/uploads/2019/07/ 45 KB
45 KB 118ms
117ms Image
image/jpeg 2a00:7a60:0:10c0::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumypost.com/wp-content/uploads/2019/07/01.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c0::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7764025674ca6855094c3801171697066c09ce371428720c1152b6f3e5c8b40f

Request headers

:path: /wp-content/uploads/2019/07/01.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: sumypost.com
referer: https://sumypost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray: p15931:0.010/wn688:0.000/
last-modified: Tue, 23 Jul 2019 09:29:30 GMT
server: nginx
etag: "5d36d37a-b450"
content-type: image/jpeg
cache-control: max-age=604800
date: Tue, 04 May 2021 09:01:35 GMT
accept-ranges: bytes
content-length: 46160
expires: Tue, 11 May 2021 09:01:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8B2A 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sumypost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sumypost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 08:58:22 GMT
expires: Wed, 04 May 2022 08:58:22 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 192
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B2A 14 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 3004
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 08:11:30 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=3458518872206284&bg=!BQalBkLNAAYXzPaOF8w7ACkAdvg8Wgk3VC3PqznhM0EdWdsM43yv3UN8DUokgCi2HjJWmiHUaSNGkQIAAAE4UgAAABFoAQeZAjscpdlPTXC2NZ_d4ru0D1999Ld3FLHQTsl7-vyaIxws-QE4pMrYyqvGfSSJ0jYADxvgPq4TekJYwOsyzNWOp6D65MunKptU4ynjdtmyMwCqCUZ5juEOadHMzThMhmrZr8f9KnVV0dJ4kYittGwl917ccgw70PFdkrOg3cQRTFpxAwsvCvrPt-DCL8UoDd2B7BlvzxiC-Tn7ekNKyGE245mcA8tvV6rcKwWRArhwT9h68AZ3FHSM6pULLFNAeEWez-VhV03Yn_yXdg_DI7EOadvkZVfBNXmdZv-c_m-5tCeA-AffPSYLxQ1yIjwx5VE2wNgmOIWFnBJ0lRWvXM3o6i0RIjnsSD6OJaz41QZ4lSProd_Uly7joCXkRZNxhreGK8u7DGqDd27hmyASFbEk_ldQDYjBlV83OANDyi3Y7TVsopIdjmkD5yKfUhgEBOdB_beMMcXh4PFa0VuoglwfU0xM72AP-yVmRbvzSHk5j5AbK8NIV8zXLDK_Baw7tc82cCi8QpMDtwc4y2U3y_YEs_pRfELonSVBJigEl2SSsMTovu_HhTuNBufDHUIT4RawU3x6WzxFarndBy-eSvczQ-JDgcqUx0UrvbjP0KF6JThNh0UjfdzYg5KUZftMPajuIXT5Wprdz9j9xNC0YCJlyWWdjb9CcV9xsQlQW9GyZQ39q2ywlSJlXfyEhW3FW6V-EtQRo7toZbrW7LIaGmr37FwEuIx47nzVqZfqxjqA0QdZTgZEqyJtgE5S_-ZE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sumypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:01:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=679629689&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888716&bpp=1&bdt=1239&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=KR0U0xrE3H&p=https%3A//sumypost.com&dtd=15

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9663262642527369&output=html&h=250&slotname=7596210885&adk=2477841802&adf=3619793251&pi=t.ma~as.7596210885&w=312&fwrn=4&fwrnh=100&lmt=1620118888&rafmt=1&psa=0&format=312x250&url=https%3A%2F%2Fsumypost.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620118888737&bpp=2&bdt=1260&idt=2&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=644x280%2C312x250&correlator=7634100935257&frm=20&pv=1&ga_vid=2028455744.1620118889&ga_sid=1620118889&ga_hid=721507080&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1142&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3458518872206284&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1COJS06atC&p=https%3A//sumypost.com&dtd=45

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:11:34	Name: 8lcfmzhxc8d6_uid Value: 169de7a61812a8d5
.doubleclick.net/	1970-01-19 18:02:02	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 18:01:59	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 03:23:34	Name: IDE Value: AHWqTUkueIjoJOQYQoipOyYWP5DHt9iA8sPyCF-Pu0DYtBKlA_01w1ACZ8CVXMpzjtc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bigmir.net
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
get.mycounter.ua
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900022.redintelligence.net
i.bigmir.net
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
pm-image.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sumypost.com
tags.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
googleads.g.doubleclick.net
104.111.239.217
142.250.185.226
144.76.104.53
185.29.133.199
185.64.189.115
193.239.68.97
193.239.71.100
195.16.88.9
2.18.233.201
2.18.234.21
217.182.200.19
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9c
2a00:7a60:0:10c0::1
35.186.253.211
35.244.174.68
62.149.0.249
69.173.144.165
88.99.219.174
88.99.69.161
000c1cc4f1a196dee4a13fe7a485f4ba6f161e56cd2c10605010daf689b054cc
0049ee98fd8fd1540e7201815331502b83397cc1b9d669aab32f8fb342440781
01c87d6dbb55518c114e983b3d4a8631072905893a45cffc9afd68db8b5fd180
04d470dc2e9679f841039cb7c8ca471cee2bea57a9cee8a79184ed0240d7b5cf
056cb6fb8f182c6525d8d683c754d037afbbec05336674466b55c088637893e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11061d8aaaea70308f808d93b81da97a2c9f083ff3859f553a6841830a4a5d8d
1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b23e8807bc0edea369325f915c9d5211d251600462b045e138a227071a6a1c1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
230226211b6fa75f73a7257ef16ffa5904523b30e32e7aae949790ae288a4dc0
266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8
268d4ee9f8e316f07f185acd7b3ce896ae73437a8aceb8e516fad7c1b405e72b
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
28fb0fd49a226763f1de085ab6e81bc59d8f74e94a4e4bd712da5600dca3506e
29b1bccf6c758537a82e38ba5b9e1e064dce368076ec371cc1f477e9e1ea0f40
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fc4cc1bfc175be0c3a822a4fa2c3dfe2b83c900b80171deca4441ff5a5769a5
30e90a20f65d85a41c4065fe4ee6ca85701d82ca30eb96b30e994c79e6fd74cb
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
39c6b27bf26876c9b27d32cd1741577dfc79b5545beb6b8616f3b9cea0f2b0e2
3d37af3c27451b138110f825897b83728acbd218471a2a2632aabbb37d4a4966
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
407e890165b2142c21727e836edfde16f15bb88f568f1e47fd392c982d890d34
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
441783bfcddf048111ca318b61c3e1441c4e78c6803ec8ebd4d991d7163a54e0
4576f04bf8fb6939c33c742d6fa0add87f69badbc5947a022d60514813fa92b2
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
473681f8a3838c51c275a4a05671e8b01b1c7cc0f1476d6e675997e7c4626c0b
47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145
47c8bea433f4705fc4812198e2e713bf760e1aae3aa96cb58148fad7b10842e6
491f5fad1f4a2eb172decafa70fc472dc76f4f99dd14cb08f317469361531de4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4f04f3cc7a538e30f5db2e61cc36a098e29f97e6ca3a85c56b93f885c747f387
4f3e758eee93b746eb32f72127664b6bb6de1465f28eb6d32600ab2b3071c500
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
66e2d6a5b96303b450c5d2141f090aff6f6b8ae27be9345d475fbec600497725
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68f11ecbc8e56ff531e130db65cf00ab6a81b1706cf2aa3eaffee237b8b8e9c9
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
734507a7c6a1964d63ca6502f2310a8cad206f0f7c78100ed323dfee81d0bd71
7764025674ca6855094c3801171697066c09ce371428720c1152b6f3e5c8b40f
7ecf284e717e15fb163e7c0bd1a0c014dfee68c084f86dbc6399db492e08af37
828082977a5f96b0a62e0d58c7545ef1036b320bb2d9db72f94993170cb15c58
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b6b48b7449ee7b225cad8b58e89f6df4b690ec84b3be8668593d4b6299db50
88fe4e2737cab4367cd2035923830fd66012a04aa7ba1c7beb358a632019a6f6
8c02ac48ef903257d2f7337b577937762f327635f709308ed3c03cdff82609e4
8cadae5225b49124780184bf43516e483ac517c05151c872fd9dd6bb5d459afd
8e46813172e9fa6ada136f50d2bea0b539e249f3e14b537447b61c43076dee74
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
91b3409ecfc085b8c41bda8854235cbbd2c67286f2a650f92f2ed0979914e23b
9221cec7c481944705c959106c1f1ca527693c076209b5070c99338f465a291f
92aa80fc2263cb00822d0db25a3c39391e32c718334b14a9ba605cce844d45df
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
991dbd5b6ac97b00a785c28887be53b4370ffb7a195f32b815a70cbdf5543f6a
999cde936420491d96d2213f62f5b14d7fd930102980566ba4c43abba331393f
9a87feda1cf03e06dd3f743a46d37f5ac981fd745aa14d4c6b171dabac0db237
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bce1ee2df74787fb7017a6a86cc0fa1a90a1301b465763d31ae517d3b07e323
9d077e6243c3057587605d61cf0909f89a74513654ac65dd4b2aa931296eed62
9dc50cbbaa80bae4734be5dbb8cf6a3bbd4a760448a1ebff2d8cf91e6689217e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6ba6fba1112b7017688440cc23b9b440937c1b20a304206cb45b5ab9aecc253
a7ae2bc512e73adedcdc0f3d33e6aadbbf9944617d02d785ba1f75efd809eb60
a7dff3d19d46ecb27a23dbb25eb379ad20b6107122a629613b299a3a9997700f
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0678ccc3094a26b167cf82fd0b0d2fa62b2b59a435a4bf9b19a7febac3e01ec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b262ea7b2baf2d69dd35317cf24a599271cadcc55353ddf038ece277038d18b0
b4c2550b07d12bba335752254860f12b44388f449397b9e6e85a8e3f9ed7a6df
b67c782b336105a0cf78c06d5ee73c1a14c38062d06ef3d31beeb5b9ea624024
b68cfb96f2bed12acf01f82c07442739f55ccea9421beae3bff3b05dad930979
b7ae06b0bd88fd9b8e74350b431f4321263f35e017b9b463ab8c60eb9563e520
bd2a55446b7da7fc6b49d8d5a013bec4ce7294d4bcbacd618aff7854232985db
bd44729be14dd0f8fa9be974e1a164fd6b8b69eba047056e369b84e6a6d46c97
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
ca7f6a75f8da2e497c0448e9cabc0f2175efe0d0738bdcecca679308e0e4968b
cb8395cdd55a97aea2d5d34a5c453a5e098f7250c3846a42e5a1301c4b5514b5
cca1d9ca38e1bdd0792b3ec996aa220271387b7c3551d011a6913088b7ed7030
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d179df34c1ba991ee5d52b240df6d74b9542da5c8c26c4964f9e4cfe0c1f43b8
d21022fedae715e019b0827c3923e0a92f750b2ea36b249933632a921b1e8d2e
d284077f47e9d30edbdf7caa8b229ac10c08150562c4be18909b5b92d6c772fe
d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d85112d14c6fac3e461e6c2aafcf58316e996a380ad30215777cd8760521673b
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
e00db7d3373fb5fd2fa2c7f5f7de6a4e90423ee5068404ba02913f6f781150a9
e26c1aa6a8a4066f51003fac6b3e02488111b2a62596c03c5fe619a49149d4b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3f967b6e5dcd21d9543e5c2efdf6c075a729a3113f8aed3eb41a727d989cd
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
ebf244a66931bb750c0eed9f5d90f7708abdadc364bbef7df8a4049c0a26c2b4
edfe76acca4890e0a8208bebc32efce37ad25ac68518fef50db520474294bcbf
ef14d630ab1e5bb9b4a5fa9fca09abf749c3dbd4301405fd85b5a2629840b066
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

sumypost.com Open in urlscan Pro 2a00:7a60:0:10c0::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

159 Requests

99 %HTTPS

47 %IPv6

24 Domains

33 Subdomains

27 IPs

7 Countries

2808 kBTransfer

4443 kBSize

4 Cookies

21 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sumypost.com Open in urlscan Pro
2a00:7a60:0:10c0::1 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

99 %
HTTPS

47 %
IPv6

24
Domains

33
Subdomains

27
IPs

7
Countries

2808 kB
Transfer

4443 kB
Size

4
Cookies

159 HTTP transactions
8 data transactions