dundapost.com Open in urlscan Pro
104.161.23.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.dundapost.com/
Effective URL:
https://dundapost.com/
Submission: On May 03 via automatic, source certstream-suspicious (May 3rd 2021, 1:47:41 pm UTC)

Summary HTTP 190 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 26 domains to perform 190 HTTP transactions. The main IP is 104.161.23.5, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is dundapost.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2021. Valid for: 3 months.

This is the only time dundapost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 75	104.161.23.5 104.161.23.5	53755 (IOFLOOD) (IOFLOOD)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 2	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	79.137.69.91 79.137.69.91	16276 (OVH) (OVH)
2	188.138.33.34 188.138.33.34	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1 1	104.26.9.183 104.26.9.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:88b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
190	32

75 104.161.23.5 (Phoenix, United States) 1 redirects

ASN53755 (IOFLOOD, US)
PTR: corporate.vip2.noc401.com

www.dundapost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dundapost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.148.9 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.91 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.138.33.34 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: loft9037.serverprofi24.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:88b (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	dundapost.com 1 redirects www.dundapost.com dundapost.com	2 MB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	280 KB
23	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	76 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	143 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90008.redintelligence.net	9 KB
6	mgid.com jsc.mgid.com cdn.mgid.com c.mgid.com	72 KB
5	tidiochat.com widget-v4.tidiochat.com	246 KB
5	google.com 1 redirects adservice.google.com www.google.com	505 B
5	google-analytics.com www.google-analytics.com	20 KB
5	googleapis.com fonts.googleapis.com	3 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googletagservices.com www.googletagservices.com	133 KB
3	google.de adservice.google.de	409 B
2	contentspread.net cdn.contentspread.net	37 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com	894 B
2	awin1.com 1 redirects www.awin1.com	1 KB
2	facebook.net connect.facebook.net	65 KB
1	tidio.co 1 redirects code.tidio.co	652 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	306 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	639 B
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
190	26

	Domain	Requested by
74	dundapost.com	dundapost.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com dundapost.com googleads.g.doubleclick.net www.googletagservices.com
12	pagead2.googlesyndication.com	dundapost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	fonts.gstatic.com	fonts.googleapis.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	widget-v4.tidiochat.com	code.tidio.co
5	hal90008.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90008.redintelligence.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com dundapost.com
5	fonts.googleapis.com	dundapost.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	c.mgid.com	jsc.mgid.com dundapost.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	cdn.contentspread.net	hal90008.redintelligence.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	id.rlcdn.com	2 redirects
2	www.awin1.com	1 redirects googleads.g.doubleclick.net
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	connect.facebook.net	dundapost.com connect.facebook.net
2	cdn.mgid.com	dundapost.com
1	code.tidio.co	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	dundapost.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	dundapost.com
1	jsc.mgid.com	dundapost.com
1	www.googletagmanager.com	dundapost.com
1	www.dundapost.com	1 redirects
190	35

This site contains links to these domains. Also see Links.

Domain
web.facebook.com
twitter.com
www.youtube.com
www.facebook.com
plus.google.com
youtube.com
www.instagram.com
swift-technologies.co.ke

Subject Issuer	Validity	Valid
dundapost.com cPanel, Inc. Certification Authority	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://dundapost.com/
Frame ID: E0617E9233BAD01B8DC4760C59BCCAD9
Requests: 119 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: D6752CA5E3A7D47239E1AF40D44108E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132
Frame ID: BB214B0193866FA3704A6D0AF20E70E6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=3298544548&adk=2580225339&adf=383669989&pi=t.ma~as.3298544548&w=728&lmt=1620049626&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626351&bpp=1&bdt=845&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=3jabudvqAH&p=https%3A//dundapost.com&dtd=3
Frame ID: 369E8B41A43F83E399C7FDF3C1363396
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=1677928612&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626219&bpp=1&bdt=712&idt=166&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cmgUabT0LG&p=https%3A//dundapost.com&dtd=169
Frame ID: FFAAE49BB13E63439470E34F8AA74302
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
Frame ID: 5F257E982FBA7E5CF089F1667DD3A921
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
Frame ID: E7CBF28A5BE91FEBEE30B018B4AF3E80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=1635608358&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626253&bpp=1&bdt=747&idt=204&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rKfRKjmxzS&p=https%3A//dundapost.com&dtd=211
Frame ID: AF53F835918A56F0FF6E7847E3BA8981
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=0&slotname=1261593740&adk=4094482915&adf=1652104338&pi=t.ma~as.1261593740&w=0&lmt=1620049626&rafmt=12&psa=0&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626282&bpp=1&bdt=776&idt=197&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&fu=256&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Bbc8dUrO4s&p=https%3A//dundapost.com&dtd=201
Frame ID: 9DFD112BE4A4952080BC69C3AB6DC582
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&adk=1812271804&adf=3025194257&lmt=1620049626&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626781&bpp=1&bdt=1275&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d4201b38427f042-22e38106fac700e3%3AT%3D1620049626%3ART%3D1620049626%3AS%3DALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280%2C0x0&nras=1&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&dtd=7
Frame ID: E4995C63D680743288FFDD88E3725883
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
Frame ID: C42E18C94D9D25421CD4C978D98F132B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
Frame ID: 2D26A77F5C86BD20E02E6281584FA301
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=1635608358&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626253&bpp=1&bdt=747&idt=204&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rKfRKjmxzS&p=https%3A//dundapost.com&dtd=211
Frame ID: B1418ABF88AC7F636CEB33FFB7727A23
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Frame ID: 87591D1E93250D191F368388420E3620
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/error_handler.js
Frame ID: C935B26CEC912227A94AB73ED6CA8AB1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html
Frame ID: 620506FD0E6E10C3A48DCD593456571C
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1E5DD67FA58E5BF14E7F19FB23D8720B
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Frame ID: DB5245E7DFE831057E2CB51A85C73505
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 529F783CCF94835A21243C8BD6F37803
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 85E8EB28DD761AC8853470641D361A73
Requests: 2 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_68_0/static/js/chunk-WidgetIframe-af06857f6bb1cfd0c730.js
Frame ID: BBFBCDE484922DAFFB2F16F121AA2455
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.dundapost.com/ HTTP 301
https://dundapost.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

190
Requests

99 %
HTTPS

54 %
IPv6

26
Domains

35
Subdomains

32
IPs

4
Countries

2881 kB
Transfer

6979 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/Dundapost/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/dundapost
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCPyg7nxIFERL1J-O4MgIXHg?disable_polymer=true
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Dundapost
Title: FacebookLikes Like our page

Search URL Search Domain Scan URL

URL: https://plus.google.com/116030018206526131828
Title: Google+Followers Follow Us

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/HomeNews
Title: YoutubeSubscribers Subscribe

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

URL: http://swift-technologies.co.ke/
Title: SwiftIT Technologies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.dundapost.com/ HTTP 301
https://dundapost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fdundapost.com%2F&ancestorOrigins=https%3A%2F%2Fdundapost.com&random=2844222070533&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fdundapost.com%2F&ancestorOrigins=https%3A%2F%2Fdundapost.com&random=2844222070533&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 176

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUI5MkKnxxKKymWJyeKSyQY3pt7nIXZDJQjtwKw5drHKD_fi-83Vxk2jsXRJtPrHaEp1w1b0Zr4CtMDvOZWyvn752bbKGJDZ&google_gid=CAESEB7TYtU2yLpKDUh_uoz4K2c&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNz9v4QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJNU1rS254eEtLeW1XSnllS1N5UVkzcHQ3bklYWkRKUWp0d0t3NWRySEtEX2ZpLTgzVnhrMmpzWFJKdFBySGFFcDF3MWIwWnI0Q3RNRHZPWld5dm43NTJiYktHSkRa HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUWkxNWNvb0d3Vkc5UGp2RGRyWXFhT2dSV1FYbW55MmhCSlBFRzZBeWtvRQ==&google_push

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPugeVf01wRiPrJMT4BR4SM&google_cver=1&google_push=AQvitUIF9_vq7Vy0kJFm9DWewv35tbv2RxlkuRgWwEnb4XjBEwCzStQ76PoWu7e_mOBcOROPgBVoIoE5OrtZclTrrRvpcRPQQgz3 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPugeVf01wRiPrJMT4BR4SM&google_cver=1&google_push=AQvitUIF9_vq7Vy0kJFm9DWewv35tbv2RxlkuRgWwEnb4XjBEwCzStQ76PoWu7e_mOBcOROPgBVoIoE5OrtZclTrrRvpcRPQQgz3&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iUBhXzdTxKNXr5hhEgGCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF9_vq7Vy0kJFm9DWewv35tbv2RxlkuRgWwEnb4XjBEwCzStQ76PoWu7e_mOBcOROPgBVoIoE5OrtZclTrrRvpcRPQQgz3

Request Chain 178

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFdiBt0yRFdvFPl0oBbPpn0&google_cver=1&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPdMu5H2p2wpPV0X9ceRzgY2QfGt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S084TlBYRlktMTItOUVVUQ==&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPdMu5H2p2wpPV0X9ceRzgY2QfGt

Request Chain 179

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_cver=1&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJmqFJQ7Pdp6kj_cAsUTXJx44tqDK5w903Cpo1xZb8gpENWajVM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_cver=1&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJmqFJQ7Pdp6kj_cAsUTXJx44tqDK5w903Cpo1xZb8gpENWajVM&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI_-3MHIFaR-8OwFHDNDPwAABI0AAAAB&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJmqFJQ7Pdp6kj_cAsUTXJx44tqDK5w903Cpo1xZb8gpENWajVM&google_cver=1

Request Chain 180

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGDTGpQ_f1wOi_1zYtuA2Lk&google_cver=1&google_push=AQvitULI-2akwOhkuVDA0J0tmZL7P7JbyxwTmzdi97ExflEZBzRwYBDCEDSc5o4g4TH3Dun6n4pn7YRKyX3lM0mYKKU1vrr70FFM0w HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULI-2akwOhkuVDA0J0tmZL7P7JbyxwTmzdi97ExflEZBzRwYBDCEDSc5o4g4TH3Dun6n4pn7YRKyX3lM0mYKKU1vrr70FFM0w&google_hm=

Request Chain 182

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=77872000158214002179199011583008&pv=0 HTTP 302
https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif

Request Chain 189

https://code.tidio.co/kagsz5col2zldmc1gdx5kjbtemkkzoh6.js HTTP 302
https://widget-v4.tidiochat.com/1_68_0/static/js/render.af06857f6bb1cfd0c730.js

190 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dundapost.com/
Redirect Chain

https://www.dundapost.com/
https://dundapost.com/

241 KB
30 KB

167ms
166ms

Document
text/html

104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed / PHP/7.3.27
Resource Hash: 90b30346a595ac3bd2e6a313bf3a104f02d6f8e42d88b518377530ff76a40f5c

Request headers

:method: GET
:authority: dundapost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.3.27
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
link: <https://dundapost.com/wp-json/>; rel="https://api.w.org/" <https://dundapost.com/wp-json/wp/v2/pages/74>; rel="alternate"; type="application/json" <https://dundapost.com/>; rel=shortlink
etag: "402581-1620046071;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30901
date: Mon, 03 May 2021 13:47:05 GMT
server: LiteSpeed

Redirect headers

x-powered-by: PHP/7.3.27
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://dundapost.com/
x-litespeed-cache: hit
content-length: 0
date: Mon, 03 May 2021 13:47:05 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 41ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175435196-1

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30061354876d0edeba0460ce844d78e6b5bd9244c8731e478b5a4509df1ef133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35849
x-xss-protection: 0
last-modified: Mon, 03 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 154ms
146ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 20:56:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8146
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-includes/css/dist/components/ 109 KB
15 KB 157ms
150ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/css/dist/components/style.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688

Request headers

:path: /wp-includes/css/dist/components/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:37:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15173
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-includes/css/dist/block-editor/ 91 KB
11 KB 164ms
156ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/css/dist/block-editor/style.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798

Request headers

:path: /wp-includes/css/dist/block-editor/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:37:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11567
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-includes/css/dist/nux/ 3 KB
708 B 169ms
161ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/css/dist/nux/style.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238

Request headers

:path: /wp-includes/css/dist/nux/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:37:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 674
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-includes/css/dist/editor/ 22 KB
4 KB 169ms
161ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/css/dist/editor/style.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd

Request headers

:path: /wp-includes/css/dist/editor/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:37:03 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3602
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 blocks.style.build.css
dundapost.com/wp-content/plugins/captainform/admin/gutenberg/ 0
52 B 171ms
163ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/captainform/admin/gutenberg/blocks.style.build.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/plugins/captainform/admin/gutenberg/blocks.style.build.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
last-modified: Fri, 07 Aug 2020 17:06:52 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 0
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-content/plugins/ad-ace/assets/css/ 5 KB
1 KB 171ms
163ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: d9b18570e5896f6247bb318f5fe61a11772c3015e5626253dd70881251c60db9

Request headers

:path: /wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 30 Oct 2020 13:02:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1270
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 shoppable-images-front.min.css
dundapost.com/wp-content/plugins/ad-ace/assets/css/ 6 KB
1 KB 281ms
273ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Request headers

:path: /wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 30 Oct 2020 13:02:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1164
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 bs-icons.css
dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/ 4 KB
908 B 281ms
274ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.10.14
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 2c4564a5a6a9f5193d09fd02d9201292d50153dbad3257e5abf93f8e333551ce

Request headers

:path: /wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.10.14
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sat, 04 May 2019 18:38:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 850
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.min.css
dundapost.com/wp-content/plugins/better-social-counter/css/ 54 KB
5 KB 282ms
274ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/better-social-counter/css/style.min.css?ver=1.13.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 513c777a66d7cd4d76de6462d6842c8251c46feee07689e81967a7862b24b1a2

Request headers

:path: /wp-content/plugins/better-social-counter/css/style.min.css?ver=1.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sat, 04 May 2019 18:39:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5169
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 styles.css
dundapost.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
882 B 282ms
275ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Thu, 29 Apr 2021 06:56:31 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 824
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 js_composer.min.css
dundapost.com/wp-content/plugins/js_composer/assets/css/ 474 KB
41 KB 283ms
275ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Request headers

:path: /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 09:31:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42005
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
677 B 22ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anaheim%3Areguler%7CMontserrat%3A700&display=swap&ver=1.2.5

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1b5cd503cb61cdb668d79dc4e9e729d26763357c72cc95ae15f399815020db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 13:47:05 GMT
server: ESF
date: Mon, 03 May 2021 13:47:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 13:47:05 GMT

GET
H2 200 front.css
dundapost.com/wp-content/plugins/super-socializer/css/ 68 KB
17 KB 291ms
284ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/css/front.css?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 38db15048c48e0229698c2439da12cbd124f9ff0335114a1d5ef463e526575a2

Request headers

:path: /wp-content/plugins/super-socializer/css/front.css?ver=7.13.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17541
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 share-svg.css
dundapost.com/wp-content/plugins/super-socializer/css/ 101 KB
30 KB 294ms
288ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/css/share-svg.css?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 686a984a5a1b7f770a8f446487028a504259711778820c4d3332674d65d59438

Request headers

:path: /wp-content/plugins/super-socializer/css/share-svg.css?ver=7.13.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31143
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
dundapost.com/wp-includes/js/mediaelement/ 11 KB
2 KB 299ms
293ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

:path: /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2394
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 wp-mediaelement.min.css
dundapost.com/wp-includes/js/mediaelement/ 4 KB
1 KB 299ms
294ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

:path: /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sat, 08 Jun 2019 09:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 982
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 frontend.min.css
dundapost.com/wp-content/themes/jnews/assets/dist/ 548 KB
84 KB 299ms
294ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: b03c305064447f4109562672db698759874b47a730ade28b4db0c64c63c0e54e

Request headers

:path: /wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 21:20:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 85625
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 style.css
dundapost.com/wp-content/themes/jnews/ 426 B
277 B 302ms
297ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/style.css?ver=8.0.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 559a9b1c0df77c9a5b5f7af721eced640085eb5853a31e1c48f6bd652198f86b

Request headers

:path: /wp-content/themes/jnews/style.css?ver=8.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 20:44:32 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 220
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 darkmode.css
dundapost.com/wp-content/themes/jnews/assets/css/ 44 KB
6 KB 302ms
297ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=8.0.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: eb90bf2dd6c52461f21742878e64a32df469fe701e30e6a4040cc2a5745775f2

Request headers

:path: /wp-content/themes/jnews/assets/css/darkmode.css?ver=8.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 00:00:56 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6471
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 scheme.css
dundapost.com/wp-content/themes/jnews/data/import/morningnews/ 5 KB
1 KB 302ms
298ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/data/import/morningnews/scheme.css?ver=8.0.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 1209144233ebb64f04d0dfaf2e7cec6c32a3095009953bdf07ad13d4b87dc1d2

Request headers

:path: /wp-content/themes/jnews/data/import/morningnews/scheme.css?ver=8.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 05 Aug 2019 21:14:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1233
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 plugin.css
dundapost.com/wp-content/plugins/jnews-social-login/assets/css/ 2 KB
565 B 303ms
298ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=8.0.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930

Request headers

:path: /wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=8.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 11:38:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 507
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 plugin.css
dundapost.com/wp-content/plugins/jnews-social-share/assets/css/ 1 KB
432 B 303ms
298ms Stylesheet
text/css 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

:path: /wp-content/plugins/jnews-social-share/assets/css/plugin.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:23:36 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 374
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 jquery.min.js Show response
dundapost.com/wp-includes/js/jquery/ 87 KB
30 KB 416ms
412ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30287
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 jquery-migrate.min.js Show response
dundapost.com/wp-includes/js/jquery/ 11 KB
4 KB 416ms
412ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 frontend-gtag.min.js Show response
dundapost.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 416ms
413ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Request headers

:path: /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 18:57:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2594
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 slideup.js Show response
dundapost.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
632 B 417ms
413ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/ad-ace/assets/js/slideup.js?ver=1.3.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754

Request headers

:path: /wp-content/plugins/ad-ace/assets/js/slideup.js?ver=1.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 30 Oct 2020 13:02:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 598
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 shoppable-images-front.js Show response
dundapost.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/ 2 KB
629 B 417ms
414ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400

Request headers

:path: /wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 30 Oct 2020 13:02:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 595
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 coupons.js Show response
dundapost.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
582 B 417ms
414ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204

Request headers

:path: /wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:05 GMT
content-encoding: br
last-modified: Fri, 30 Oct 2020 13:02:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 548
expires: Mon, 10 May 2021 13:47:05 GMT

GET
H2 200 Dunda-Post-Logo.edited-e1596536727881.png
dundapost.com/wp-content/uploads/2020/08/ 13 KB
13 KB 148ms
148ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/08/Dunda-Post-Logo.edited-e1596536727881.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 459d029e44e1c7b79901fee44223affb085019edd70ef2eb7580a2f380b1b89f

Request headers

:path: /wp-content/uploads/2020/08/Dunda-Post-Logo.edited-e1596536727881.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Tue, 04 Aug 2020 10:25:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13119
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5438358c912e2cc4eef33fa29a797b23abf87b836c9eab0c051863c888577bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47818
x-xss-protection: 0
server: cafe
etag: 10827134978754216822
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H2 200 dundapost.com.984807.js Show response
jsc.mgid.com/d/u/ 279 KB
69 KB 352ms
306ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/d/u/dundapost.com.984807.js
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a535ecb758165dae81660c2f233e3d6c1cdeaa4b41a70a9d6c3e0999a74e20

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 0EATR2XBHXAVQNM0
cf-polished: origSize=286123
last-modified: Thu, 22 Apr 2021 10:56:44 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3QsIIvDCrCFoseIaLKfbiAlNzZ//jd1ay3Et/QzqBlTUpEh6MlvpOTdeTQlCXZlNaXYq0ZirIGo=
cf-bgj: minify
server: cloudflare
etag: W/"43231e729b62efd2483f7074a72a15bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09d4149c230000ee5075870000000001
cf-ray: 6499f0736fdbee50-CDG
expires: Mon, 03 May 2021 16:47:06 GMT

GET
H2 200 element-query.min.js Show response
dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/js/ 2 KB
1 KB 149ms
149ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.10.14
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 71aa7adb4e65b1a8a779f4f31a22ce4a791253ddd2e7dc63fcf66ea36e690e48

Request headers

:path: /wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.10.14
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 00:02:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1054
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 script.min.js Show response
dundapost.com/wp-content/plugins/better-social-counter/js/ 376 B
301 B 150ms
149ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/better-social-counter/js/script.min.js?ver=1.13.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 79756fe562878dc019e54a881643688dbafe7eb74af09b97718dfbb365fff0dd

Request headers

:path: /wp-content/plugins/better-social-counter/js/script.min.js?ver=1.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sat, 04 May 2019 18:39:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 197
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 wp-polyfill.min.js Show response
dundapost.com/wp-includes/js/dist/vendor/ 97 KB
32 KB 151ms
147ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:45 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32625
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 index.js Show response
dundapost.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 152ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Thu, 29 Apr 2021 06:56:31 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3775
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 comment-reply.min.js Show response
dundapost.com/wp-includes/js/ 3 KB
1 KB 152ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/comment-reply.min.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 20:56:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
dundapost.com/wp-includes/js/mediaelement/ 154 KB
36 KB 152ms
149ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

:path: /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 36311
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
dundapost.com/wp-includes/js/mediaelement/ 1 KB
514 B 150ms
150ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

:path: /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.7.1
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 480
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 wp-mediaelement.min.js Show response
dundapost.com/wp-includes/js/mediaelement/ 906 B
426 B 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

:path: /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.7.1
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 392
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 hoverIntent.min.js Show response
dundapost.com/wp-includes/js/ 1 KB
481 B 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

:path: /wp-includes/js/hoverIntent.min.js?ver=1.8.1
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 447
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 imagesloaded.min.js Show response
dundapost.com/wp-includes/js/ 5 KB
2 KB 148ms
147ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1733
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 frontend.min.js Show response
dundapost.com/wp-content/themes/jnews/assets/dist/ 280 KB
75 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=8.0.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 80e8da89389efc63cd6f84a1055830bcea522666e3e1b1ba61e6f09475072039

Request headers

:path: /wp-content/themes/jnews/assets/dist/frontend.min.js?ver=8.0.3
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 21:20:36 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 76352
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 general.js Show response
dundapost.com/wp-content/plugins/super-socializer/js/front/social_login/ 1 KB
684 B 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/js/front/social_login/general.js?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088

Request headers

:path: /wp-content/plugins/super-socializer/js/front/social_login/general.js?ver=7.13.15
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 626
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 sdk.js Show response
dundapost.com/wp-content/plugins/super-socializer/js/front/facebook/ 2 KB
698 B 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 78423c4a9a19219e7c002b614298e550c87bb19788cbf348992e20c6cdfc2495

Request headers

:path: /wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.15
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 641
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 commenting.js Show response
dundapost.com/wp-content/plugins/super-socializer/js/front/facebook/ 5 KB
1 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/js/front/facebook/commenting.js?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07

Request headers

:path: /wp-content/plugins/super-socializer/js/front/facebook/commenting.js?ver=7.13.15
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1406
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 sharing.js Show response
dundapost.com/wp-content/plugins/super-socializer/js/front/sharing/ 44 KB
11 KB 148ms
147ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/super-socializer/js/front/sharing/sharing.js?ver=7.13.15
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: f3b1a8c30c2b627ea75987ccd3c375106446496ddb8015449b30b5b08e5e97e7

Request headers

:path: /wp-content/plugins/super-socializer/js/front/sharing/sharing.js?ver=7.13.15
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Wed, 31 Mar 2021 16:41:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10815
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 plugin.js Show response
dundapost.com/wp-content/plugins/jnews-like/assets/js/ 2 KB
714 B 149ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/jnews-like/assets/js/plugin.js?ver=8.0.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: bf295d5276dcf249788c7b6478a224d8d460b0150670b70376da45c9b7a98134

Request headers

:path: /wp-content/plugins/jnews-like/assets/js/plugin.js?ver=8.0.0
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:24:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 656
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 plugin.js Show response
dundapost.com/wp-content/plugins/jnews-social-login/assets/js/ 907 B
456 B 148ms
147ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=8.0.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: a05b5c6f3d2ebf0a27eb700a499a8860699ce224b61eebab608215ea1ddf2531

Request headers

:path: /wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=8.0.0
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 11:38:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 398
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 plugin.js Show response
dundapost.com/wp-content/plugins/jnews-social-share/assets/js/ 3 KB
1 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998

Request headers

:path: /wp-content/plugins/jnews-social-share/assets/js/plugin.js
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 19:23:36 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1186
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 wp-embed.min.js Show response
dundapost.com/wp-includes/js/ 1 KB
721 B 149ms
149ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 663
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 37ms
17ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3258
etag: W/"e96732c560b171a3c798575723231e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6499f0733cb34d89-FRA
cf-request-id: 09d4149c0400004d89569dc000000001
expires: Thu, 06 May 2021 13:47:06 GMT

GET
H2 200 js_composer_front.min.js Show response
dundapost.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
5 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 314ce6baaa3218eb171fa2c278d7fdf1b9872305dfa667e9cbf2df77c83a9a88

Request headers

:path: /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 09:31:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5560
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 forms.min.js Show response
dundapost.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 7 KB
3 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.3
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 4a967a69edb3b1b523c71a86b0c665fa93436249640a987aead72a28ca348461

Request headers

:path: /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.3
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:18:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2583
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175435196-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 391
date: Mon, 03 May 2021 13:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 03 May 2021 15:40:35 GMT

GET
H2 200 wp-emoji-release.min.js Show response
dundapost.com/wp-includes/js/ 14 KB
4 KB 148ms
148ms Script
application/javascript 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
last-modified: Sun, 07 Feb 2021 16:15:44 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4316
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 8vII7w042Wp87g4G4UPeEQ.woff2
fonts.gstatic.com/s/anaheim/v8/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anaheim/v8/8vII7w042Wp87g4G4UPeEQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Anaheim%3Areguler%7CMontserrat%3A700&display=swap&ver=1.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d623feacd2078cebfdcd9527cdefbbd04e9c95dae7ac4dfc8c4942c4d107ba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dundapost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:03:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 19:38:35 GMT
server: sffe
age: 492202
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14304
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:03:44 GMT

GET
H2 200 fontawesome-webfont.woff2
dundapost.com/wp-content/themes/jnews/assets/dist/font/ 75 KB
75 KB 148ms
147ms Font
font/woff2 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: dundapost.com
URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
pragma: no-cache
origin: https://dundapost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: dundapost.com
referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://dundapost.com
Referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Mon, 12 Apr 2021 21:20:44 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 preloader.gif
dundapost.com/wp-content/themes/jnews/assets/dist/image/ 4 KB
4 KB 148ms
148ms Image
image/gif 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by: Host: dundapost.com
URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

:path: /wp-content/themes/jnews/assets/dist/image/preloader.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Mon, 12 Apr 2021 21:20:44 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4399
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 jeg-empty.png
dundapost.com/wp-content/themes/jnews/assets/img/ 70 B
134 B 149ms
148ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

:path: /wp-content/themes/jnews/assets/img/jeg-empty.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Mon, 05 Aug 2019 21:14:50 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 70
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 15ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2681
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 03 May 2021 14:02:25 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-5513997980152446&plah=dundapost.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H2 200 bs-icons.woff
dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/fonts/ 13 KB
13 KB 149ms
149ms Font
font/woff 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: dundapost.com
URL: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.10.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 0107fd69fc1a00f8ce7e2ab3d1f2b22c4af0eec254e0632c8f2c0d82e4846cf1

Request headers

sec-fetch-mode: cors
origin: https://dundapost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626
:path: /wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/fonts/bs-icons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: dundapost.com
referer: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.10.14
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://dundapost.com
Referer: https://dundapost.com/wp-content/plugins/better-social-counter/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.10.14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Fri, 13 Apr 2018 19:47:50 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13500
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame D675 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 May 2021 01:20:46 GMT
expires: Mon, 17 May 2021 01:20:46 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 44780
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=670428568&t=pageview&_s=1&dl=https%3A%2F%2Fdundapost.com%2F&ul=en-us&de=UTF-8&dt=Dunda%20Post%20%E2%80%93%20Urban%20%7C%20Hot%20%7C%20Stubborn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1862493565&gjid=434012530&cid=1609345147.1620049626&tid=UA-175435196-1&_gid=872587614.1620049626&_r=1&gtm=2ou4l3&did=dZGIzZG&z=1438255134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dundapost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=670428568&t=pageview&_s=2&dl=https%3A%2F%2Fdundapost.com%2F&ul=en-us&de=UTF-8&dt=Dunda%20Post%20%E2%80%93%20Urban%20%7C%20Hot%20%7C%20Stubborn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=&gjid=&cid=1609345147.1620049626&tid=UA-175435196-1&_gid=872587614.1620049626&gtm=2ou4l3&did=dZGIzZG&z=1326298469

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 04:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31810
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 649efd3b18f3e9c03757831a8a192077b72fb32547f25d9746954c4348594aa8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 706b60c871be65726479e872d219c82f59373249338874be494dd6b4aeb47543

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 742 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8b5d59d6004bd8a9c1c6000a0421b32cd360819b7192918d00cef4516f66a2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 jegicon.woff
dundapost.com/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 148ms
148ms Font
font/woff 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by: Host: dundapost.com
URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

sec-fetch-mode: cors
origin: https://dundapost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1
:path: /wp-content/themes/jnews/assets/dist/font/jegicon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: dundapost.com
referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://dundapost.com
Referer: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=8.0.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Mon, 12 Apr 2021 21:20:44 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7144
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
639 B 126ms
61ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dundapost.com&callback=_gfp_s_&client=ca-pub-5513997980152446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-5513997980152446&plah=dundapost.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

248617e4d13e1b6fdc44fc6cb957cb812a623bc2f5c75737b7fcea20f1fce5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB21 68 KB
23 KB 263ms
261ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b1a995a6bd965cffe0401b43790aa504dd4b2ecde8b3922576c899f1776f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 23515
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 369E 405 B
226 B 712ms
712ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=3298544548&adk=2580225339&adf=383669989&pi=t.ma~as.3298544548&w=728&lmt=1620049626&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626351&bpp=1&bdt=845&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=3jabudvqAH&p=https%3A//dundapost.com&dtd=3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4469698f147e913f0057fbeae95a661287e7c9a5f7b31fcb145d4286eebf2e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=3298544548&adk=2580225339&adf=383669989&pi=t.ma~as.3298544548&w=728&lmt=1620049626&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626351&bpp=1&bdt=845&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=3jabudvqAH&p=https%3A//dundapost.com&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:07 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:07 GMT
cache-control: private

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=670428568&t=pageview&_s=3&dl=https%3A%2F%2Fdundapost.com%2F&ul=en-us&de=UTF-8&dt=Dunda%20Post%20%E2%80%93%20Urban%20%7C%20Hot%20%7C%20Stubborn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=&gjid=&cid=1609345147.1620049626&tid=UA-175435196-1&_gid=872587614.1620049626&gtm=2ou4l3&did=dZGIzZG&z=1388334316

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 04:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31810
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFAA 405 B
226 B 314ms
314ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=1677928612&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626219&bpp=1&bdt=712&idt=166&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cmgUabT0LG&p=https%3A//dundapost.com&dtd=169

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25abf1c0c1163bfc4cfaeaec62699294054a71328dc481d907383b16ede6dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=1677928612&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626219&bpp=1&bdt=712&idt=166&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cmgUabT0LG&p=https%3A//dundapost.com&dtd=169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H3-29 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5F25 405 B
0 257ms
256ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H3-29 200 ads
googleads.g.doubleclick.net/pagead/ Frame E7CB 0
0 401ms
401ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame AF53 0
0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DFD 603 B
68 B 22ms
22ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=0&slotname=1261593740&adk=4094482915&adf=1652104338&pi=t.ma~as.1261593740&w=0&lmt=1620049626&rafmt=12&psa=0&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626282&bpp=1&bdt=776&idt=197&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&fu=256&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Bbc8dUrO4s&p=https%3A//dundapost.com&dtd=201

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=0&slotname=1261593740&adk=4094482915&adf=1652104338&pi=t.ma~as.1261593740&w=0&lmt=1620049626&rafmt=12&psa=0&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626282&bpp=1&bdt=776&idt=197&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=800&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&fu=256&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=Bbc8dUrO4s&p=https%3A//dundapost.com&dtd=201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-May-2021 14:02:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H3-29 200 css
fonts.googleapis.com/ 21 KB
1 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 11:51:52 GMT
server: ESF
date: Mon, 03 May 2021 13:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
546 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 12:15:12 GMT
server: ESF
date: Mon, 03 May 2021 13:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 35ms
33ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 3006
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09d4149dc20000ee509685e000000001
cf-ray: 6499f0760d37ee50-CDG
expires: Tue, 04 May 2021 13:47:06 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 71ms
69ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 3006
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09d4149dd30000ee50e40a7000000001
cf-ray: 6499f0760d34ee50-CDG
expires: Tue, 04 May 2021 13:47:06 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dundapost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 339097
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
307 B 164ms
163ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?w=750&h=261&p3_w=242&p3_h=201&maxw_3=242&maxh_3=201&cols=3&pv=5&cbuster=1620049626665673568518&uniqId=106ad&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fdundapost.com&lu=https%3A%2F%2Fdundapost.com%2F&pageView=1&site=623900&pvid=179327b86299414fdf7&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/u/dundapost.com.984807.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6499f076beb2ee50-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d4149e340000ee50f1293000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: dundapost.com
URL: https://dundapost.com/wp-content/plugins/super-socializer/js/front/facebook/sdk.js?ver=7.13.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b80a0377e8855966fb025a06db3eb2703df7b9b5619ae8a44af2ff2f1d29c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZuTB8lUYkfWuMpjdIEjNEg==
cross-origin-resource-policy: cross-origin
expires: Mon, 03 May 2021 13:58:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 3sI/XghgixYr0mtzyuzk5V2MI+GX7lDRpF7uRK6NkdefCVgd2/6y6NJtJZw6eR3aYrRlrGmWuhBxXrb8j57jaw==
x-fb-trip-id: 686109401
x-fb-content-md5: 47986c946e62264f589c50be174a1d73
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 03 May 2021 13:47:06 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "df3b32bfcf96149c271bfcceacbf979d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
c.mgid.com/pv/ 0
151 B 176ms
175ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?w=1140&h=332&p3_w=368&p3_h=272&maxw_3=368&maxh_3=272&cols=3&pv=5&cbuster=1620049626745664109418&uniqId=08cd4&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fdundapost.com&lu=https%3A%2F%2Fdundapost.com%2F&pageView=0&site=623900&pvid=179327b8679855100db&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/u/dundapost.com.984807.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6499f0773f61ee50-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d4149e810000ee50a911c000000001

GET
H2 200 talisa-moi-360x504.jpg
dundapost.com/wp-content/uploads/2021/05/ 32 KB
32 KB 150ms
148ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/talisa-moi-360x504.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: a1d77eace9251df6b9765421bc97587858f02e08c681c5d0002e456eb718dd4c

Request headers

:path: /wp-content/uploads/2021/05/talisa-moi-360x504.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Sun, 02 May 2021 18:34:52 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32485
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 HUYTRE-360x504.jpg
dundapost.com/wp-content/uploads/2020/11/ 28 KB
28 KB 151ms
149ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/11/HUYTRE-360x504.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 389116509f125fb140c28faf358c3ae2528626d0b074114364fe2debf2748b78

Request headers

:path: /wp-content/uploads/2020/11/HUYTRE-360x504.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Thu, 12 Nov 2020 18:01:50 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28551
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 1111-1-360x449.png
dundapost.com/wp-content/uploads/2021/05/ 283 KB
283 KB 152ms
151ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/1111-1-360x449.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 9eb7997ee921f9f248c4d1d9c8e8b443610036855b7215d68d408f803b293c32

Request headers

:path: /wp-content/uploads/2021/05/1111-1-360x449.png
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Sun, 02 May 2021 14:39:24 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 290003
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 talisa-moi-350x250.jpg
dundapost.com/wp-content/uploads/2021/05/ 17 KB
17 KB 153ms
151ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/talisa-moi-350x250.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 9c66fdf44f5cda137f2d24db2ee4abfcb0821dda583dc288c8e468884a56ba80

Request headers

:path: /wp-content/uploads/2021/05/talisa-moi-350x250.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Sun, 02 May 2021 18:34:51 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17655
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 HUYTRE-350x250.jpg
dundapost.com/wp-content/uploads/2020/11/ 13 KB
13 KB 153ms
152ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/11/HUYTRE-350x250.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 91418e605a1930c0662500fb32e24a636303e605659325478d3a4f441b25462b

Request headers

:path: /wp-content/uploads/2020/11/HUYTRE-350x250.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
last-modified: Thu, 12 Nov 2020 18:01:50 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13161
expires: Mon, 10 May 2021 13:47:06 GMT

GET
H2 200 1111-1-350x250.png
dundapost.com/wp-content/uploads/2021/05/ 179 KB
179 KB 4028ms
4028ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/1111-1-350x250.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 361135ac01f1a4da1e80ad7311095e1bcee8f84d6186d75244c1b70a6d02487b

Request headers

:path: /wp-content/uploads/2021/05/1111-1-350x250.png
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
last-modified: Sun, 02 May 2021 14:39:23 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 183000
expires: Mon, 10 May 2021 13:47:08 GMT

GET
H2 200 JHGG-350x250.jpg
dundapost.com/wp-content/uploads/2021/05/ 27 KB
27 KB 3886ms
3882ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/JHGG-350x250.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: d0f391cd64e504e3b83d2b3f4e75718f7224c19eeed3a42c43a40ff06d3e3dbd

Request headers

:path: /wp-content/uploads/2021/05/JHGG-350x250.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
last-modified: Mon, 03 May 2021 11:42:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27178
expires: Mon, 10 May 2021 13:47:08 GMT

GET
H2 200 HUYTRE-750x536.jpg
dundapost.com/wp-content/uploads/2020/11/ 47 KB
47 KB 3886ms
3883ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/11/HUYTRE-750x536.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 93e627871df22e4390cea8d5edb6b438c84554172a796b4a1b88ca45000cadbe

Request headers

:path: /wp-content/uploads/2020/11/HUYTRE-750x536.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
last-modified: Thu, 12 Nov 2020 18:01:50 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 47971
expires: Mon, 10 May 2021 13:47:08 GMT

GET
H2 200 ENTITY-nail-first-job-interview-unsplash-rawpixel2-120x86.jpg
dundapost.com/wp-content/uploads/2020/08/ 4 KB
4 KB 3960ms
3960ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/08/ENTITY-nail-first-job-interview-unsplash-rawpixel2-120x86.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 88bd41c4d35af76a7fdf8ef4e368e6bdc36445dabb4c2116a672429564034455

Request headers

:path: /wp-content/uploads/2020/08/ENTITY-nail-first-job-interview-unsplash-rawpixel2-120x86.jpg
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
last-modified: Thu, 06 Aug 2020 14:25:55 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4025
expires: Mon, 10 May 2021 13:47:08 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame BB21 6 KB
668 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 12:12:44 GMT
server: ESF
date: Mon, 03 May 2021 13:47:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dundapost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdundapost.com%2F&tn=DIV&cls=the_champ_sharing_container%20the_champ_vertical_sharing%20the_champ_hide_sharing%20the_champ_bottom_sharing&ign=false

Requested by

Host: dundapost.com
URL: https://dundapost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E499 8 KB
844 B 104ms
104ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&adk=1812271804&adf=3025194257&lmt=1620049626&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626781&bpp=1&bdt=1275&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d4201b38427f042-22e38106fac700e3%3AT%3D1620049626%3ART%3D1620049626%3AS%3DALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280%2C0x0&nras=1&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&dtd=7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac1c0dc00a1db0563d58a7b1d5c5dedb941999a82dcb1e4288f6c83dd3f77d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&adk=1812271804&adf=3025194257&lmt=1620049626&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdundapost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626781&bpp=1&bdt=1275&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5d4201b38427f042-22e38106fac700e3%3AT%3D1620049626%3ART%3D1620049626%3AS%3DALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280%2C345x280%2C0x0&nras=1&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:06 GMT
server: cafe
content-length: 820
x-xss-protection: 0
set-cookie: IDE=AHWqTUlWJ-z3tF5A3x6UqoociXk2hHrPD43tty8rEH4adybgwtVP-5S1G2UJl1ttuUE; expires=Sat, 28-May-2022 13:47:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:06 GMT
cache-control: private

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame BB21 1 KB
989 B 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:45:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame BB21 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:41:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame BB21 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:44:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB21 116 KB
35 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:06 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame BB21 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:46:45 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame BB21 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 07:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 20829
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Sun, 01 Aug 2021 07:59:57 GMT

GET
DATA 200
OK truncated
/ Frame BB21 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C42E 14 KB
7 KB 572ms
572ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dundapost.com
URL: https://dundapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb0a282a3bd9d687270d0b117351fd5d3e45b9f000a25d1bf427e852e084bf60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:07 GMT
server: cafe
content-length: 7264
x-xss-protection: 0
set-cookie: IDE=AHWqTUloQA98XMmLSlnvdgylCXSbAfU7hqq_pDZBhDJr0zGuVF4ONxWKXbDZth61woE; expires=Sat, 28-May-2022 13:47:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:07 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D26 117 KB
38 KB 752ms
752ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dundapost.com
URL: https://dundapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e479a0028bdf40a7033db2ab63f4aa9c1af3d62f67bc467305ee541175fdefb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKmnJTTrfACFXrUEQgdQaICHQ&gqi=2v6PYOPnM_ujx_APx548&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKmnJTTrfACFXrUEQgdQaICHQ&gqi=2v6PYOPnM_ujx_APx548&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:07 GMT
server: cafe
content-length: 38983
x-xss-protection: 0
set-cookie: IDE=AHWqTUksdQs6x5RCv1w4INGgXNw9LrEdnqY1A3JeMhLVimJ-oi796AYZ3yYlUiS_-YU; expires=Sat, 28-May-2022 13:47:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:07 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B141 405 B
227 B 709ms
709ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=1635608358&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626253&bpp=1&bdt=747&idt=204&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rKfRKjmxzS&p=https%3A//dundapost.com&dtd=211

Requested by

Host: dundapost.com
URL: https://dundapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e954fbd89b93b0bb71507b88da88083030e8334c2bd5e9d77e40fb1c623154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=1635608358&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626253&bpp=1&bdt=747&idt=204&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rKfRKjmxzS&p=https%3A//dundapost.com&dtd=211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 May 2021 13:47:07 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUnjiQUFWZfRunFQZH-zZ7W0oiQWVycDN7ir-brBlNK2RLTk8k4fB4Q0h7l7KvQ; expires=Sat, 28-May-2022 13:47:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:07 GMT
cache-control: private

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB21 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgh5l2v6PYPSfFeazx_APhKeTiAWb7bPFYpqhk5_pDbmUqKOjJBABIJjVyn5glQKgAa_T3roByAEGqQLrT-IW6De0PqgDAcgDywSqBLYBT9BloR312eTBUJZjG9kYdPB3YYnNtePeuLqwj4hjODpskW2o0LxZcwdFwuLODURS9SWThKTC3Lqi5Y4hvpYuYLq_fAbyci7O2sQ79Ux2CN9g6WZkyO_ymWQwJvuDFnjuDhUNOvpcr9y6VtpkjBE2bJ3vxaAJZlXYolW_ih-3EnkBi6x-6knJVdk_6N1s-4-ZHm2TuxxyllFyHvjFvUB_cYzhFg4t3PWCkVeA4I9TgQwWxIYb0XXABIaCxou7A6AGN4AHuayhxQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQh6sB0ggJCIDhgBAQARgfgAoByAsB2BMDshcaChgIABIUcHViLTU1MTM5OTc5ODAxNTI0NDY&sigh=2EsjME7v5NM&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 May 2021 13:47:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:06 GMT

GET
DATA 200
OK truncated
/ 234 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 211 KB
62 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=72cf46407d3a893f584769c7bc78772d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11b39b651d7f7e2efd806b1c46fcf3b6dfbcf9a74610128a488d90ceede4af2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://dundapost.com
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8RLGHRpkQX51a0BaV7UnUw==
cross-origin-resource-policy: cross-origin
expires: Tue, 03 May 2022 11:57:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63632
x-fb-rlafr: 0
x-fb-debug: 2DQxugmwm9GIVrGMn9Vu4p84Yt2QsoC96l8V6BkZ8JAIaYQ4wOk0wlCU25ts4r7OjjhTN7UBmDY0QJ6I7kbAPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c5a853a915377e7fab90e4ec3fa69b7a
date: Mon, 03 May 2021 13:47:06 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a93b5d5147f3c02dc45785d221813c6e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 widget-ssp-performance
c.mgid.com/ 43 B
551 B 174ms
148ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=166
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6499f0785fe3cd9f-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d4149f330000cd9f341fd000000001

GET
DATA 200
OK truncated
/ Frame BB21 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f83a6253952ddefed9d0a3b4ba1763f1ef43c98203d2344e4775e36df47eccd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BB21 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 567295
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 27 Apr 2022 00:12:11 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BB21 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 120223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 02 May 2022 04:23:23 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BB21 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 389014
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8759 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:48:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 28693
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Tue, 03 May 2022 05:48:53 GMT

GET
H2 200 wwww-360x437.png
dundapost.com/wp-content/uploads/2021/05/ 168 KB
168 KB 3776ms
3775ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/wwww-360x437.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 11e4dc45cc75f68c4fc5b359a02e745c9c4f1062df0b57474ff02eebb312682a

Request headers

:path: /wp-content/uploads/2021/05/wwww-360x437.png
pragma: no-cache
cookie: _ga=GA1.2.1609345147.1620049626; _gid=GA1.2.872587614.1620049626; _gat_gtag_UA_175435196_1=1; __gads=ID=5d4201b38427f042-22e38106fac700e3:T=1620049626:RT=1620049626:S=ALNI_Mabd-tGKFjRT4Is82LI7uhkkRDphA; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22WQg0-2ZWp%22%7D%2C%22C984807%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
last-modified: Sat, 01 May 2021 18:13:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 171581
expires: Mon, 10 May 2021 13:47:08 GMT

GET
H2 200 1111-360x369.png
dundapost.com/wp-content/uploads/2021/05/ 156 KB
156 KB 8734ms
8732ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/1111-360x369.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 5cb411e7c06609c740fc4bffa439ff2e0016412a71c209ae097427ef0e114be6

Request headers

:path: /wp-content/uploads/2021/05/1111-360x369.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Sat, 01 May 2021 18:32:31 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 159445
expires: Mon, 10 May 2021 13:47:10 GMT

GET
H2 200 OPE-120x86.jpeg
dundapost.com/wp-content/uploads/2020/08/ 8 KB
8 KB 8993ms
8990ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2020/08/OPE-120x86.jpeg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 10253d5e1607827346435af674df3b615a8af5c9ac75a579c3b2ba58d1ae5537

Request headers

:path: /wp-content/uploads/2020/08/OPE-120x86.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Thu, 06 Aug 2020 14:04:40 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7904
expires: Mon, 10 May 2021 13:47:10 GMT

GET
H2 200 BVFRRII-120x86.jpg
dundapost.com/wp-content/uploads/2021/03/ 5 KB
5 KB 8992ms
8991ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/03/BVFRRII-120x86.jpg
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 3fdff71ae8e899802f3ea164d190df3eb97cb894a64768f7634b5308b502626c

Request headers

:path: /wp-content/uploads/2021/03/BVFRRII-120x86.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Wed, 03 Mar 2021 07:12:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4758
expires: Mon, 10 May 2021 13:47:10 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame C42E 2 KB
2 KB 167ms
101ms Script
application/x-javascript 185.29.133.208
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpWaVlqQmxaR1l0T0RCbU55MDBNamhtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2ODk0MjcyNzAxOTAwOTE3ODMvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmNDJyZEhmTlVuX2NuYjdZZ2hvRldvVS8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDk5NTI3MDI3OTQwMzc4NTEzMC9hbXMvMC8yOTcvNjUvOTk5LzY2LzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjAwNDk2MjYvMTYyMDA2MjIyNi80L3B1Yi01NTEzOTk3OTgwMTUyNDQ2Lw/O9_NcCS4wUTM7PpvElVM4x4QBOo&nodeid=1902&group=eu&auctionid=2689427270190091783&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%26client%3Dca-pub-5513997980152446%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 2afa4111eb3ba5f30b80ed18ef31249b63a8c095e86f05d5cba54418044e1fb5

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:01 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1620049626
Last-Modified: Mon, 03 May 2021 13:47:06 GMT
Server: MMBD/3.197.0
x-mm-latency: 56 (39)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x70, cdg-bidder-x141
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 03 May 2021 13:47:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C42E 2 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:44:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C42E 116 KB
35 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:07 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C42E 13 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:46:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C42E 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtemE6DC3q4t0aRgPVYXRjSXDRFJ_-BKi7MfSabDbqFgU0CTryjmMh6qRu7DqocU6aHYzzoN2LVZ4FE5RuFW43wul1DA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C42E 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT5w62v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEowFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKCpPbCoFR-vipT-41j79d1F03fgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNTUxMzk5Nzk4MDE1MjQ0Ng&sigh=bgtp9veZe6A&tpd=AGWhJmtvTahhyVyXRH30mNvNReVOAK9LF1ElTQsTbjQ_6u9AkBQqZLjDFsgzpSV0scJd_xJn0u8tycBwY4a82L7yvyzLhO6B2vcDIvuG5mshIR_WoBkohAblJNs_xLH2uMK5EWxubIjQdgfLmBjwB62UL0EPCEOyvs0oorgwTTLosRh80K5RUbTViNFsMx98uIwXhPNe-_um3o5svWYZiWngB6_5upfD_ceFTXv16bNDp9PbQxHJURgjdgy4_LCC9eivr334a3s9TSaz_pWTm1274tkB9ywpBRazMCIPNTdkyTM8KjI6TAO4mQ3PNZZa4DrkQCOkdEln4brmYsfxVq4MBjUPwcCgtiSkTpG2rM-awNuNSY0m229gwzIPijzUqU9q48kgT0x01tl_-blA4olz6N1j-Kc2lUz5UxlOsVhuAGA0RfxuQS6vHinSsFBr6w0mmAGI7Llz_6jckz2p7XtKljoAd_PX_In8VX9Yov_iT1XFth2msasc2Vogf4zU2eGlAQmz1DWdkFWO3ogNWXU2-aXLlIySn8gpXNGIQ8Q7-8tezyAkeLSiSSaFPUJeH6hneLRfHOY5Mpi-Jj6zKSJN7XItzXFcCOU_oNlkoi3WEkL5MyJ4LwnTgzz0U9C7FgzFtCuhcGQl0DMyrDY2JSvRsHVYrnGG0BijGeej2WFkg5nGf9mDad-27iPHsso1jIEplBnO-Z1MSjMEAQGyawbOL47IkI5dRWM2Vs8Mv7gVLwXvLcqKzgNRHG1TPvmdHkANB-XrAfZZBvLj82KivHEUYCz29i4B0tlaeNP8dfTZK29wUmCT2VAiZgzU4nwRSt0Q6N80J1HWtorCz299oHVTPAUZ6L0ZOEiKHTxOW_yfagntLqU-vY55UWpswtdPoLAZNDET0uExFN2GIGidexFwkLGwuTk-4Wfb8WeWR1BzayI6MZAr1sz0GZfAkkr1uErBqOa6RH9y_n5xyoe3i_T9k-quAOy3N2Hn6bCxXyLUjwwX8PKQ_BgDspDR4D59amaIY-Nedxc2drVp5MlMCE7ww0QqGvYNUw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 May 2021 13:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 2D26 67 B
91 B 6ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 01:32:03 GMT
x-content-type-options: nosniff
server: cafe
age: 44104
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 04 May 2021 01:32:03 GMT

GET
H/1.1 200
OK r9d3a58lo9uw Show response
hal9000.redintelligence.net/zone/ Frame C42E 10 KB
3 KB 113ms
38ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/r9d3a58lo9uw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=2689427270190091783&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D
Requested by: Host: dundapost.com
URL: https://dundapost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 80847a60a6246d1f785df03cf2991c8a1eb8408285c17439a7946b8a4976fb48

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3346
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame C42E 49 B
330 B 110ms
53ms Image
image/gif 185.29.133.208
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2689427270190091783&node_id=1902&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpWaVlqQmxaR1l0T0RCbU55MDBNamhtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2ODk0MjcyNzAxOTAwOTE3ODMvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmNDJyZEhmTlVuX2NuYjdZZ2hvRldvVS8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDk5NTI3MDI3OTQwMzc4NTEzMC9hbXMvMC8yOTcvNjUvOTk5LzY2LzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjAwNDk2MjYvMTYyMDA2MjIyNi80L3B1Yi01NTEzOTk3OTgwMTUyNDQ2Lw/O9_NcCS4wUTM7PpvElVM4x4QBOo&nodeid=1902&group=eu&auctionid=2689427270190091783&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%26client%3Dca-pub-5513997980152446%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:01 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x73, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 03 May 2021 13:47:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame C42E 43 B
360 B 146ms
86ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2689427270190091783&v3=863182&v4=7324419&v5=8675609&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpWaVlqQmxaR1l0T0RCbU55MDBNamhtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2ODk0MjcyNzAxOTAwOTE3ODMvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmNDJyZEhmTlVuX2NuYjdZZ2hvRldvVS8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDk5NTI3MDI3OTQwMzc4NTEzMC9hbXMvMC8yOTcvNjUvOTk5LzY2LzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjAwNDk2MjYvMTYyMDA2MjIyNi80L3B1Yi01NTEzOTk3OTgwMTUyNDQ2Lw/O9_NcCS4wUTM7PpvElVM4x4QBOo&nodeid=1902&group=eu&auctionid=2689427270190091783&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%26client%3Dca-pub-5513997980152446%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master cdg-pixel-x12 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:07 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 13:46:35 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame C42E 49 B
330 B 123ms
52ms Image
image/gif 185.29.133.208
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2689427270190091783&st=7324419&time=1620049627&nodeid=1902
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpWaVlqQmxaR1l0T0RCbU55MDBNamhtTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI2ODk0MjcyNzAxOTAwOTE3ODMvODY3NTYwOS83MzI0NDE5LzQvbnhKcjRHc0E4eXVlckNjb19VWVFmNDJyZEhmTlVuX2NuYjdZZ2hvRldvVS8xLzQvMC8wLzE1MTI1ODYvMC8yNDI4NzYvODYzMTgyLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNDk5NTI3MDI3OTQwMzc4NTEzMC9hbXMvMC8yOTcvNjUvOTk5LzY2LzJhMDE6NGY4OjEyMTo6LzAuMDAwLzE2MjAwNDk2MjYvMTYyMDA2MjIyNi80L3B1Yi01NTEzOTk3OTgwMTUyNDQ2Lw/O9_NcCS4wUTM7PpvElVM4x4QBOo&nodeid=1902&group=eu&auctionid=2689427270190091783&sid=7324419&cid=8675609&bp=a_agffcb&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%26client%3Dca-pub-5513997980152446%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.208 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:01 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x70, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 03 May 2021 13:47:00 GMT

GET
H3-29 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C935 7 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/error_handler.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

721154081a378daf4fc49ab976f45e6e4c880ae3cf86d0fb8c904a65c17a965d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 01:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3336
x-xss-protection: 0
server: cafe
etag: 3226523041973447647
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 01:48:29 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/ Frame 6205 12 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

739aa72ac5c5d22fbff53db22d761fac6be92d3087b9c3ae2ff2b320b657e59a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13014175897113125687/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3362
date: Fri, 30 Apr 2021 06:23:00 GMT
expires: Sat, 30 Apr 2022 06:23:00 GMT
last-modified: Thu, 01 Apr 2021 16:59:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 285847
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C935 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx2dK2v6PYLLRNPqox_APwcSK6AHLitupYsvWj9jMDdrZHhABIJjVyn5glQKgAbWQxMADyAEJqAMByANIqgS8AU_QB4lQh-B9ixqYD-yjpB6XV5MYYSI75ICIXkJVjJaOX39nuQPux2Kz87SZAZsc6ZKjvGw2gCzp6jNe2yv3LDCT_FCB5KGMIM1ym6ME3WGtGJbkc58vTFt9fwkYwsU_O1MyWs41PJ4CmSl2ta6_6cVrUD5ZtmFI3fxxnjdprChjQbLCeulwie_FXtpanno9DPH3R8Wq__gHhhCILQTHf9fh9EJVY8pvQjHq1pXlKu5uAAPjMDE3OMeRXNgRwAS_lY_zzQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs--7P6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDB-wHSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNTUxMzk5Nzk4MDE1MjQ0Ng&sigh=jGELAuocw7w&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 May 2021 13:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame C935 17 KB
7 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:43:46 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6205 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 03 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6205 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 03 May 2021 23:11:01 GMT

GET
H3-29 200 2b9bca78717e44645984f4bd46ca7462.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/ Frame 6205 71 KB
19 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/2b9bca78717e44645984f4bd46ca7462.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 285846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19087
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:59:46 GMT
server: sffe
date: Fri, 30 Apr 2021 06:23:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 06:23:01 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6205 5 KB
589 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/2b9bca78717e44645984f4bd46ca7462.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aeda827f439d97c90a633d8fa27a1f01d882d133573c2f694c7ae9dabb5f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 13:44:17 GMT
server: ESF
date: Mon, 03 May 2021 13:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 13:47:07 GMT

GET
H3-29 200 e50be9916a9219b0681d1b35f7abaa99.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6205 36 KB
36 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/e50be9916a9219b0681d1b35f7abaa99.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed2c498a761170ddb9c3f590b1b6d120d7a8c7debbc5079b99951db43c036862

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 281254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36524
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:59:46 GMT
server: sffe
date: Fri, 30 Apr 2021 07:39:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 07:39:33 GMT

GET
H3-29 200 dbd88037109e586c26bdfc50fa232cd6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6205 5 KB
5 KB 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/dbd88037109e586c26bdfc50fa232cd6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90f76036f54fde1969a5ea98043a8ce4c14210dc7c154d1bb228391e63e806d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 458349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4689
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:59:46 GMT
server: sffe
date: Wed, 28 Apr 2021 06:27:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Apr 2022 06:27:58 GMT

GET
H3-29 200 48a65d4757eca0aa44c9b7d1daed062b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/ Frame 6205 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/media/48a65d4757eca0aa44c9b7d1daed062b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13014175897113125687/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700490644eee8f5e27de79233f44079a13d885a7ab224647f45bf7c4122dd83e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 546273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1404
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 16:59:46 GMT
server: sffe
date: Tue, 27 Apr 2021 06:02:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 06:02:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E5D 143 B
163 B 10ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUksdQs6x5RCv1w4INGgXNw9LrEdnqY1A3JeMhLVimJ-oi796AYZ3yYlUiS_-YU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=2327918766&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626243&bpp=2&bdt=737&idt=176&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HGWpWVEKuD&p=https%3A//dundapost.com&dtd=181

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 12:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3012
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C935 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:47:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C935 116 KB
35 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:07 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C935 0
20 B 53ms
40ms Other
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKmnJTTrfACFXrUEQgdQaICHQ&gqi=2v6PYOPnM_ujx_APx548&layout=/sadbundle/%24csp%253Der3%24/13014175897113125687/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame C42E
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

155ms
79ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fdundapost.com%2F&ancestorOrigins=https%3A%2F%2Fdundapost.com&random=2844222070533&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=250&slotname=9503045842&adk=520352030&adf=2544256464&pi=t.ma~as.9503045842&w=300&lmt=1620049626&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626229&bpp=1&bdt=723&idt=181&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1048&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3I0jWYUoTB&p=https%3A//dundapost.com&dtd=187
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 29d184b29d46c69be53faa92b98568916a42a585be707bd1442f5ea70b1d8e9b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 13:47:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 77872000158214002179199011583008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 724
Expires: Mon, 03 May 2021 14:47:08 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 13:47:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fdundapost.com%2F&ancestorOrigins=https%3A%2F%2Fdundapost.com&random=2844222070533&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 03 May 2021 14:47:07 +0200

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 6205 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 99809
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 6205 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:40:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 569169
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Tue, 26 Apr 2022 23:40:58 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 6205 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700|Montserrat:600|Montserrat:500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 120937
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 02 May 2022 04:11:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C935 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 13:45:59 GMT

GET
DATA 200
OK truncated
/ Frame C935 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf43b3cc607603fbfa21dbd26e98f79b1878780b46e12e781f1f13b300d12b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E5D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
179 B

38ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 May 2021 13:47:07 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 03-May-2021 14:47:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 May 2021 13:47:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 May 2021 13:47:07 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6205 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 2678
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Tue, 03 May 2022 13:02:29 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB21 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7T-K2v6PYPSfFeazx_APhKeTiAWb7bPFYpqhk5_pDbmUqKOjJBABIJjVyn5glQKgAa_T3roByAEGqQLrT-IW6De0PqgDAaoEtgFP0GWhHfXZ5MFQlmMb2Rh08Hdhic214964urCPiGM4OmyRbajQvFlzB0XC4s4NRFL1JZOEpMLcuqLljiG-li5gur98BvJyLs7axDv1THYI32DpZmTI7_KZZDAm-4MWeO4OFQ06-lyv3LpW2mSMETZsne_FoAlmVdiiVb-KH7cSeQGLrH7qSclV2T_o3Wz7j5kebZO7HHKWUXIe-MW9QH9xjOEWDi3c9YKRV4Dgj1OBDBbEhhvRdcAEhoLGi7sDoAY3gAe5rKHFAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCHqwHSCAkIgOGAEBABGB-ACgHICwHYEwOyFxoKGAgAEhRwdWItNTUxMzk5Nzk4MDE1MjQ0Ng&sigh=OvV9bUVj6gY&vt=1&template_id=492

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=90&slotname=1261593740&adk=1754280212&adf=900154443&pi=t.ma~as.1261593740&w=728&lmt=1620049626&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fdundapost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626196&bpp=23&bdt=690&idt=98&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2318045551770&frm=20&pv=2&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HfMP7xojxF&p=https%3A//dundapost.com&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 May 2021 13:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:07 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB21 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOKBw1Z6tLRM6OwEDDMbkGfbYx3L6Tc1oN-yQlVSkuU4-wXS5__nyyGr3ItbP7Mb7rn3zGGCArMOeKeyNFRndwoH6czOni2orEwq3ycpzFZdP6DGgWN3MX-Jbzrw&sai=AMfl-YSSU69oRV5RCXYVTC0ouZ1KkQSTnkBRj0ltIzKGZO895R7BfeILaI7u3dhksgGc2_tbonC9W4QDbV1r&sig=Cg0ArKJSzHqHcdiy_BctEAE&id=lidar2&mcvt=1000&p=194,241,284,969&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1754280212&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620049626330&dlt=316&rpt=124&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame DB52 3 KB
2 KB 97ms
33ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=r9d3a58lo9uw&nw=20&renderingType=javascript&namespace=241717b699&subid=&uid=d360f381fb641875&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2689427270190091783%26mt_id%3D8675609%26mt_adid%3D242876%26mt_sid%3D7324419%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_cid%3D5c4a608f-fedb-4e01-a3e5-456743886da1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNwdi2v6PYPylNNq0gAfJ-a64CM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNTUxMzk5Nzk4MDE1MjQ0NsgBCagDAaoEpgFP0EIcWFrTn4FqPMKBzgFp24eqa5a8sbG7y2prZSd1bTCXQllakz73ZyF-BLPoFYAXtDTt6XV5iPELCXQkW4QN28Z5KHIsoEoeKP6969tNQwKmaf0Nt_YqXChd5ZWOZubKBHHV26rH8o9bYPXvhfIzcjymi7tcwP-QMvfn52KAYxd5Rh41eYfLpYOLpiiwfeKC5vTPMvjuGi3eX8XIN5fa51DLYv_QgAbqx4ewjce2-acBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1vMP65F0fNUFmd_71uSwkXTfEB2w%2526client%253Dca-pub-5513997980152446%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fdundapost.com%2F&ancestorOrigins=https%3A%2F%2Fdundapost.com&random=2844222070533&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cf6a3e8e608ebfd98d58aa8f1d11f4cfb528a0168d78eda6193b552fdca15207

Request headers

Host: hal90008.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f595de4a3b905b78
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 03 May 2021 13:47:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 03 May 2021 14:47:08 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1343
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C42E 43 B
702 B 131ms
63ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=77872000158214002179199011583008&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 13:47:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 529F 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 May 2021 03:14:09 GMT
expires: Tue, 04 May 2021 03:14:09 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 37979
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C42E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c5aba6d9509718a8b1a791b99ac959cf99b758d3670ee402cb13b1c2009d745

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 529F 35 B
464 B 25ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENLxSpqsUnch6TJ54FtOsmg&google_cver=1&google_push=AQvitULCpKYVn2lUlKLq8-3DCrLrgwQvxjLstz6WZtHV4Hy376QQ_A68VSdYvz2QmBYEmgTlR8hdLaCIplHwOoe7byuVUiQwVnP7

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 529F
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUI5MkKnxxKKymWJyeKSyQY3pt7nIXZDJQjtwKw5drHKD_fi-83Vxk2jsXRJtPrHaEp1w1b0Zr4CtMDvOZWyvn752bbKGJDZ&google_gid=CAESEB7TYtU2yLpKDUh_uoz4K2c&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNz9v4QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJNU1rS254eEtLeW1XSnllS1N5UVkzcHQ3bklYWkRKUWp0d0t3NWRySEtEX2ZpLTgzVnhrMmpzWFJKdFBySGFFcDF3MWIwWnI0Q3RNRHZPWl...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUWkxNWNvb0d3Vkc5UGp2RGRyWXFhT2dSV1FYbW55MmhCSlBFRzZBeWtvRQ==&google_push

170 B
329 B

86ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUWkxNWNvb0d3Vkc5UGp2RGRyWXFhT2dSV1FYbW55MmhCSlBFRzZBeWtvRQ==&google_push

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 May 2021 13:47:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUWkxNWNvb0d3Vkc5UGp2RGRyWXFhT2dSV1FYbW55MmhCSlBFRzZBeWtvRQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 529F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iUBhXzdTxKNXr5hhEgGCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

57ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iUBhXzdTxKNXr5hhEgGCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF9_vq7Vy0kJFm9DWewv35tbv2RxlkuRgWwEnb4XjBEwCzStQ76PoWu7e_mOBcOROPgBVoIoE5OrtZclTrrRvpcRPQQgz3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iUBhXzdTxKNXr5hhEgGCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF9_vq7Vy0kJFm9DWewv35tbv2RxlkuRgWwEnb4XjBEwCzStQ76PoWu7e_mOBcOROPgBVoIoE5OrtZclTrrRvpcRPQQgz3
Date: Mon, 03 May 2021 13:47:08 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 529F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFdiBt0yRFdvFPl0oBbPpn0&google_cver=1&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S084TlBYRlktMTItOUVVUQ==&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPdMu5H2p2wpPV0X9ceRzgY2QfGt

170 B
188 B

74ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S084TlBYRlktMTItOUVVUQ==&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPdMu5H2p2wpPV0X9ceRzgY2QfGt

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S084TlBYRlktMTItOUVVUQ==&google_push=AQvitUKNvy7JA4MfZDCcNxR5cVy0myftP8JXEsa9YD3qtu5H_Wjbx00rfp9zL5NIVL0rRJkCXPdMu5H2p2wpPV0X9ceRzgY2QfGt
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 529F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI_-3MHIFaR-8OwFHDNDPwAABI0AAAAB&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJm...

170 B
188 B

39ms
38ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI_-3MHIFaR-8OwFHDNDPwAABI0AAAAB&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJmqFJQ7Pdp6kj_cAsUTXJx44tqDK5w903Cpo1xZb8gpENWajVM&google_cver=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 13:47:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YI_-3MHIFaR-8OwFHDNDPwAABI0AAAAB&google_gid=CAESEGgCy_-Th3rwGbQT8Xyv2ck&google_push=AQvitUKMe4Vjmnu8rjoQA9aF06XdFlrqMwrrDOS3_hvDDKPsaJmqFJQ7Pdp6kj_cAsUTXJx44tqDK5w903Cpo1xZb8gpENWajVM&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Mon, 03 May 2021 13:47:08 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 529F
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGDTGpQ_f1wOi_1zYtuA2Lk&google_cver=1&google_push=AQvitULI-2akwOhkuVDA0J0t...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULI-2akwOhkuVDA0J0tmZL7P7JbyxwTmzdi97ExflEZBzRwYBDCEDSc5o4g4TH3Dun6n4pn7YRKyX3lM0mYKKU1vrr70FFM0w&google_hm=

170 B
188 B

67ms
39ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULI-2akwOhkuVDA0J0tmZL7P7JbyxwTmzdi97ExflEZBzRwYBDCEDSc5o4g4TH3Dun6n4pn7YRKyX3lM0mYKKU1vrr70FFM0w&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:08 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULI-2akwOhkuVDA0J0tmZL7P7JbyxwTmzdi97ExflEZBzRwYBDCEDSc5o4g4TH3Dun6n4pn7YRKyX3lM0mYKKU1vrr70FFM0w&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 02 May 2021 13:47:08 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 529F 0
236 B 180ms
36ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LT8Qszc_89TWq4eEUxcEIFKy25NUbRS5OSgS6zg2wrwkH5d0pSU2pApTyl1aHBnu4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:08 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

kl_kis_300x250px.gif
cdn.contentspread.net/24i/advertiser/3839/creativesup/ Frame DB52
Redirect Chain

https://www.awin1.com/cshow.php?s=2846681&v=14098&q=409715&r=296283&pref1=77872000158214002179199011583008&pv=0
https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif

36 KB
36 KB

115ms
50ms

Image
image/gif

188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: 47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:08 GMT
Last-Modified: Mon, 29 Mar 2021 07:44:32 GMT
Server: nginx
ETag: "60618560-8f2f"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 36655

Redirect headers

Date: Mon, 03 May 2021 13:47:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://cdn.contentspread.net/24i/advertiser/3839/creativesup/kl_kis_300x250px.gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame DB52 0
150 B 115ms
39ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=77872000158214002179199011583008&a=761d7d15&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame DB52 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame DB52 851 B
1 KB 92ms
29ms Script
application/javascript 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:08 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C42E 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHNaAzgSHnAlozyjiCFxhb6RzbG8yU1tpw09ro6CrpUjhax01jCBYleaOwDIparRkSNaG19BtmTWKdgdTnFbFyf2X6gzJm_A&sig=Cg0ArKJSzDFetCrRd-suEAE&cid=CAASF-RoQpO6Jw6YdJDxUZ4FWwvQB4nPxLrR&id=lidar2&mcvt=1001&p=468,1048,718,1348&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=520352030&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620049626839&dlt=1004&rpt=1260&msd=0&r=v&fum=1&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame DB52 0
150 B 2540ms
33ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=77872000158214002179199011583008&a=761d7d15&vb=v
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=77872000158214002179199011583008&a=2f72fb9e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 13:47:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83afecb8d82ce509e94b3c3bd49fa0aa25203e1bad8cc13283a0c5ced8285645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 13:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7804
x-xss-protection: 0

GET
H2

200

render.af06857f6bb1cfd0c730.js Show response
widget-v4.tidiochat.com/1_68_0/static/js/
Redirect Chain

https://code.tidio.co/kagsz5col2zldmc1gdx5kjbtemkkzoh6.js
https://widget-v4.tidiochat.com/1_68_0/static/js/render.af06857f6bb1cfd0c730.js

17 KB
6 KB

34ms
17ms

Script
application/javascript

2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_68_0/static/js/render.af06857f6bb1cfd0c730.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2dd670481f13f47ed525632f9ed5504f8e4f681bfe9f62128cdfb22640bc65

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Apr 2021 11:00:56 GMT
server: cloudflare
age: 2676
etag: W/"6087eee8-4302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RH0tifmeR%2F1KerfTAf9cT6q%2FWSVI%2F0Q9ryaTYaQtFJJRGhrMwZziz4qC8oVkYpcI%2BZY74rJK3j%2F3AHMhTXVwn4VzyQh6ejiXAhLEG09SXC12z0o3JkC%2B8R5QzRWqFBnaH1xzvQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=691200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6499f092385dc2e5-FRA
cf-request-id: 09d414af670000c2e58d95e000000001

Redirect headers

date: Mon, 03 May 2021 13:47:11 GMT
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xG5p2E5lsQ8oSJfzcB03K%2BkooInHy%2BG%2BI9PuD3U1v%2BGFV3cdtXFxg8Vl3BlVRDiuS6WibLfYIKobnSaT%2B9molAKF%2Bp68qPnfGol%2FZRp"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_68_0/static/js/render.af06857f6bb1cfd0c730.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 6499f09148f153cd-LHR
cf-request-id: 09d414aed4000053cddabf9000000001

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 13:47:10 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 85E8 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dundapost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dundapost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 03 May 2021 13:39:02 GMT
expires: Tue, 03 May 2022 13:39:02 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wwww-360x437.png
dundapost.com/wp-content/uploads/2021/05/ 168 KB
168 KB 8915ms
8914ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/05/wwww-360x437.png
Requested by: Host: dundapost.com
URL: https://dundapost.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=8.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 11e4dc45cc75f68c4fc5b359a02e745c9c4f1062df0b57474ff02eebb312682a

Request headers

:path: /wp-content/uploads/2021/05/wwww-360x437.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Sat, 01 May 2021 18:13:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 171581
expires: Mon, 10 May 2021 13:47:10 GMT

GET jeg-empty.png
dundapost.com/wp-content/themes/jnews/assets/img/ 0
0

GET
H2 200 JNH-120x86.jpg
dundapost.com/wp-content/uploads/2021/02/ 3 KB
3 KB 8915ms
8914ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/02/JNH-120x86.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: dfa2bdb1db0f386034afe7bfb18d49710c95471452f1a4914826333fc51b7f41

Request headers

:path: /wp-content/uploads/2021/02/JNH-120x86.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Sun, 28 Feb 2021 11:04:59 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2836
expires: Mon, 10 May 2021 13:47:10 GMT

GET
H2 200 HJBG-120x86.png
dundapost.com/wp-content/uploads/2021/02/ 20 KB
20 KB 8898ms
8898ms Image
image/png 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/02/HJBG-120x86.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: de489c063335acc7c5fdbd2dae9608e8b55d4f8e6ef41d722d916e288c5b9d34

Request headers

:path: /wp-content/uploads/2021/02/HJBG-120x86.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:10 GMT
last-modified: Fri, 26 Feb 2021 05:44:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20395
expires: Mon, 10 May 2021 13:47:10 GMT

GET
H2 200 HUYYY-120x86.jpg
dundapost.com/wp-content/uploads/2021/02/ 4 KB
4 KB 757ms
755ms Image
image/jpeg 104.161.23.5
IOFLOOD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dundapost.com/wp-content/uploads/2021/02/HUYYY-120x86.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.161.23.5 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: corporate.vip2.noc401.com
Software: LiteSpeed /
Resource Hash: 6e855e88dbc9550ab0e05706ff3dbcb484a32c837d1727f84d34662989e85c09

Request headers

:path: /wp-content/uploads/2021/02/HUYYY-120x86.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dundapost.com
referer: https://dundapost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:20 GMT
last-modified: Wed, 24 Feb 2021 05:47:36 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3628
expires: Mon, 10 May 2021 13:47:20 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 85E8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 05:48:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 28697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Tue, 03 May 2022 05:48:53 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=433431954549986&bg=!Tk2lTQnNAAZLnZBaS507ACkAdvg8Wja89xqlhSrs5Oh5Pz0MdPujD6U0QxPGOGX8PNP6XrNT118IYgIAAABLUgAAAAxoAQeZAjvMMPv7XU29VUYT5cvIRvxtM5bBTCEAPDbb-8kSsyUDQWzD6oDJZEB_1lrem4wtA1xQPTBAyJhwXF7GSxqOze-W0WEe8-NNWmazAbm6WezxhyL3DtZtqE-P_wGV6gNzlbkWCyLGTqGUUniPfV3xWa9hFa1zZ-Er8udasAiyxM2Ff8fu0gRVlEWhUKV3awf9Ka3l5n4GxxII3EiBZ4CnmDW3m-696PQ_ap_6Pt8gpxelMSqhR3cG1nmK0pX7mhOCsYtfPeeW95_PqJ5imbWtVXIGx5dcYjsAjdEsNcpfwasIWznqbGW7Kmewb4VPjJ9l03N04L_8qCwRk-rDOe0-d_2rfWrxWDcx1aQgeJsT48zUbsJiLI6PKrVXNo3Y4gxSqJE1ja2NO9D7TSgWeFmtsN8dnn4IBn6cOXfEZGEygkqQUWLjCICpB7yicXPxZaiVwPVRBmIQ-Z0O1L8qdx1m1ci1tov1Si32kHer8PJYz3_b06Xy2CgLLDFwIi5ZR7RPdql2DtpXMzChNF47hOBZKU-zJBwJwevx2YdmmENe2udMgJj9-YstRBRYO6OuK1ZwdWRrjUakh8WaoLeFaetakjNPLlNsH3MmryevS5o5UiBmbVjZOFFoZVY-EPckLcgf1V4wMC4SNKG1kkR6_rSDr_N6_3sin7A00nyMUM3L7mAUN1rIshv8ZhcnWntgqUOMZY5mFNPV6a7DCWW2-62pw4lbyAkpwdSuJOpm9XHboCSpCAwLbM6esbR42rxi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dundapost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 13:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-WidgetIframe-af06857f6bb1cfd0c730.js Show response
widget-v4.tidiochat.com/1_68_0/static/js/ Frame BBFB 332 KB
78 KB 32ms
32ms Script
application/javascript 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_68_0/static/js/chunk-WidgetIframe-af06857f6bb1cfd0c730.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/kagsz5col2zldmc1gdx5kjbtemkkzoh6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0c0872ef5e94185ea2c718747457397de510f69b25d42475cd0e601dba051e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Apr 2021 11:01:17 GMT
server: cloudflare
age: 2676
etag: W/"6087eefd-530d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j9ohdp3xM7LPYQ0ZmQC1V%2F19qcnv%2FKQ1OmbzzjVxiuV4uiaTA2gbgInQ6EFJ5RHjYkGE3qAyooHj38cI8qzVd3loJzz26IgdfDr2LMKYsCEzMNJUn5RtaJLzNPRb5NElCdCm3A%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=691200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6499f09278b5c2e5-FRA
cf-request-id: 09d414af870000c2e5b4ad5000000001

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame BBFB 7 KB
8 KB 12ms
12ms Media
audio/mpeg 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 03 May 2021 13:47:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1183680
Content-Range: bytes 0-7223/7224
Content-Length: 7224
cf-request-id: 09d414af880000c2e5ba887000000001
pragma: public
last-modified: Mon, 19 Apr 2021 12:39:04 GMT
server: cloudflare
etag: "607d79e8-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ogzQ7ELTnXvAWpbqAKwjE31PmX%2BAf577WXr%2FPEKGHJy8Ycrh7sjxM83QiQILkoxpbMn3y7Jl47D8waP6aatZlX9rPqnhZ%2FyBlv3Wdi9NTJE9R7KoxK3CfOChFF3ftusH1Qq0%2Fg%3D%3D"}]}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 6499f09278bbc2e5-FRA
expires: Mon, 03 May 2021 20:59:11 GMT

GET
H2 200 widget.af06857f6bb1cfd0c730.js Show response
widget-v4.tidiochat.com//1_68_0/static/js/ Frame BBFB 503 KB
147 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//1_68_0/static/js/widget.af06857f6bb1cfd0c730.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/kagsz5col2zldmc1gdx5kjbtemkkzoh6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fee125da069440997f56d4ca9b6ca320feb9517db0ba8e8ac28d1fa43334286

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:47:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Apr 2021 11:01:17 GMT
server: cloudflare
age: 2676
etag: W/"6087eefd-7da85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jXxcYUsvB%2B1nWyT064okhEpuEtRRrq7gUfxw1mrn%2FFghFyppHInGyDW5nH5IcMR4on0U%2BAiuxWO%2Bbzrs4AMjNt3knuQiM9CV0TH1ZT9C1Tn6tQU5fWSapODZfXLtX5aRjP3SpA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=691200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6499f09278bec2e5-FRA
cf-request-id: 09d414af890000c2e5a931a000000001

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame BBFB 7 KB
7 KB 24ms
23ms Media
audio/mpeg 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 03 May 2021 13:47:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1183680
Content-Range: bytes 0-7223/7224
Content-Length: 7224
cf-request-id: 09d414afe30000c2e589341000000001
pragma: public
last-modified: Mon, 19 Apr 2021 12:39:04 GMT
server: cloudflare
etag: "607d79e8-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XleyYClhwSAEXYiRBMIosQFZDjdoEL1s5pVuQWAWC41p7t4rKE5h0Kxng0673%2B%2B7425tVRYNGPHEt1Z7SibRalq4xybg2swJQd4AVtoQOgnQZ%2BT9bZ%2BLZxQQkNDST9o4r54Mjg%3D%3D"}]}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 6499f093099ec2e5-FRA
expires: Mon, 03 May 2021 20:59:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5513997980152446&output=html&h=280&slotname=9503045842&adk=2978807076&adf=1635608358&pi=t.ma~as.9503045842&w=345&fwrn=4&fwrnh=100&lmt=1620049626&rafmt=1&psa=0&format=345x280&url=https%3A%2F%2Fdundapost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620049626253&bpp=1&bdt=747&idt=204&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90%2C728x90%2C300x250%2C345x280&correlator=2318045551770&frm=20&pv=1&ga_vid=1609345147.1620049626&ga_sid=1620049626&ga_hid=670428568&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=2364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060930%2C31060828%2C31060839&oid=3&pvsid=433431954549986&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=rKfRKjmxzS&p=https%3A//dundapost.com&dtd=211

Domain: dundapost.com
URL: https://dundapost.com/wp-content/themes/jnews/assets/img/jeg-empty.png

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://dundapost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.1(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.mgid.com
cdn.contentspread.net
cdn.mgid.com
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
code.tidio.co
connect.facebook.net
dundapost.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal90008.redintelligence.net
id.rlcdn.com
image6.pubmatic.com
jsc.mgid.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
ssum-sec.casalemedia.com
tags.mathtag.com
tpc.googlesyndication.com
widget-v4.tidiochat.com
www.awin1.com
www.dundapost.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
dundapost.com
googleads.g.doubleclick.net
104.161.23.5
104.19.135.78
104.19.136.78
104.26.9.183
138.201.220.30
138.201.63.150
142.250.185.98
142.250.186.162
184.30.20.207
184.30.20.241
185.29.133.208
185.64.190.78
188.138.33.34
2606:4700:20::681a:88b
2606:4700::6812:e134
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a03:2880:f01c:8012:face:b00c:0:3
35.244.174.68
69.173.144.139
79.137.69.91
92.123.148.9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0107fd69fc1a00f8ce7e2ab3d1f2b22c4af0eec254e0632c8f2c0d82e4846cf1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05a6817c5341d7fb32880cf79cc5b3ed89340d3bdf5d240c1c1a14349a16e759
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
07e954fbd89b93b0bb71507b88da88083030e8334c2bd5e9d77e40fb1c623154
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71
0e479a0028bdf40a7033db2ab63f4aa9c1af3d62f67bc467305ee541175fdefb
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10253d5e1607827346435af674df3b615a8af5c9ac75a579c3b2ba58d1ae5537
1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204
11b39b651d7f7e2efd806b1c46fcf3b6dfbcf9a74610128a488d90ceede4af2d
11e4dc45cc75f68c4fc5b359a02e745c9c4f1062df0b57474ff02eebb312682a
1209144233ebb64f04d0dfaf2e7cec6c32a3095009953bdf07ad13d4b87dc1d2
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
248617e4d13e1b6fdc44fc6cb957cb812a623bc2f5c75737b7fcea20f1fce5bf
25abf1c0c1163bfc4cfaeaec62699294054a71328dc481d907383b16ede6dee9
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
29d184b29d46c69be53faa92b98568916a42a585be707bd1442f5ea70b1d8e9b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afa4111eb3ba5f30b80ed18ef31249b63a8c095e86f05d5cba54418044e1fb5
2c4564a5a6a9f5193d09fd02d9201292d50153dbad3257e5abf93f8e333551ce
2c5aba6d9509718a8b1a791b99ac959cf99b758d3670ee402cb13b1c2009d745
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fee125da069440997f56d4ca9b6ca320feb9517db0ba8e8ac28d1fa43334286
30061354876d0edeba0460ce844d78e6b5bd9244c8731e478b5a4509df1ef133
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
314ce6baaa3218eb171fa2c278d7fdf1b9872305dfa667e9cbf2df77c83a9a88
326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
361135ac01f1a4da1e80ad7311095e1bcee8f84d6186d75244c1b70a6d02487b
389116509f125fb140c28faf358c3ae2528626d0b074114364fe2debf2748b78
38db15048c48e0229698c2439da12cbd124f9ff0335114a1d5ef463e526575a2
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3f83a6253952ddefed9d0a3b4ba1763f1ef43c98203d2344e4775e36df47eccd
3fdff71ae8e899802f3ea164d190df3eb97cb894a64768f7634b5308b502626c
420d5c7ee5a3e7582b7ed91343962411712a183d42a69395c4bc1fe378699f07
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
4469698f147e913f0057fbeae95a661287e7c9a5f7b31fcb145d4286eebf2e88
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
459d029e44e1c7b79901fee44223affb085019edd70ef2eb7580a2f380b1b89f
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47b04e7ebabf7a5d10e7ff6e7916bd9db7ec3fe22b7a03ac8712b90f01fef145
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a967a69edb3b1b523c71a86b0c665fa93436249640a987aead72a28ca348461
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930
513c777a66d7cd4d76de6462d6842c8251c46feee07689e81967a7862b24b1a2
5438358c912e2cc4eef33fa29a797b23abf87b836c9eab0c051863c888577bc4
559a9b1c0df77c9a5b5f7af721eced640085eb5853a31e1c48f6bd652198f86b
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cb411e7c06609c740fc4bffa439ff2e0016412a71c209ae097427ef0e114be6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
649efd3b18f3e9c03757831a8a192077b72fb32547f25d9746954c4348594aa8
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
686a984a5a1b7f770a8f446487028a504259711778820c4d3332674d65d59438
69a535ecb758165dae81660c2f233e3d6c1cdeaa4b41a70a9d6c3e0999a74e20
6aeda827f439d97c90a633d8fa27a1f01d882d133573c2f694c7ae9dabb5f9f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e855e88dbc9550ab0e05706ff3dbcb484a32c837d1727f84d34662989e85c09
700490644eee8f5e27de79233f44079a13d885a7ab224647f45bf7c4122dd83e
706b60c871be65726479e872d219c82f59373249338874be494dd6b4aeb47543
71aa7adb4e65b1a8a779f4f31a22ce4a791253ddd2e7dc63fcf66ea36e690e48
721154081a378daf4fc49ab976f45e6e4c880ae3cf86d0fb8c904a65c17a965d
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
739aa72ac5c5d22fbff53db22d761fac6be92d3087b9c3ae2ff2b320b657e59a
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
78423c4a9a19219e7c002b614298e550c87bb19788cbf348992e20c6cdfc2495
79756fe562878dc019e54a881643688dbafe7eb74af09b97718dfbb365fff0dd
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
80847a60a6246d1f785df03cf2991c8a1eb8408285c17439a7946b8a4976fb48
80e8da89389efc63cd6f84a1055830bcea522666e3e1b1ba61e6f09475072039
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83afecb8d82ce509e94b3c3bd49fa0aa25203e1bad8cc13283a0c5ced8285645
88bd41c4d35af76a7fdf8ef4e368e6bdc36445dabb4c2116a672429564034455
90b30346a595ac3bd2e6a313bf3a104f02d6f8e42d88b518377530ff76a40f5c
90f76036f54fde1969a5ea98043a8ce4c14210dc7c154d1bb228391e63e806d6
91418e605a1930c0662500fb32e24a636303e605659325478d3a4f441b25462b
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e627871df22e4390cea8d5edb6b438c84554172a796b4a1b88ca45000cadbe
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b80a0377e8855966fb025a06db3eb2703df7b9b5619ae8a44af2ff2f1d29c03
9c66fdf44f5cda137f2d24db2ee4abfcb0821dda583dc288c8e468884a56ba80
9d0c0872ef5e94185ea2c718747457397de510f69b25d42475cd0e601dba051e
9eb7997ee921f9f248c4d1d9c8e8b443610036855b7215d68d408f803b293c32
a05b5c6f3d2ebf0a27eb700a499a8860699ce224b61eebab608215ea1ddf2531
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d77eace9251df6b9765421bc97587858f02e08c681c5d0002e456eb718dd4c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac1c0dc00a1db0563d58a7b1d5c5dedb941999a82dcb1e4288f6c83dd3f77d61
acf43b3cc607603fbfa21dbd26e98f79b1878780b46e12e781f1f13b300d12b5
b03c305064447f4109562672db698759874b47a730ade28b4db0c64c63c0e54e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b5b1a995a6bd965cffe0401b43790aa504dd4b2ecde8b3922576c899f1776f71
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed
bb0a282a3bd9d687270d0b117351fd5d3e45b9f000a25d1bf427e852e084bf60
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdbc00de393216f6118f704088accc9ebddd220480741d5ed088c01f46f84088
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf295d5276dcf249788c7b6478a224d8d460b0150670b70376da45c9b7a98134
c1b5cd503cb61cdb668d79dc4e9e729d26763357c72cc95ae15f399815020db7
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca2dd670481f13f47ed525632f9ed5504f8e4f681bfe9f62128cdfb22640bc65
caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf6a3e8e608ebfd98d58aa8f1d11f4cfb528a0168d78eda6193b552fdca15207
d0f391cd64e504e3b83d2b3f4e75718f7224c19eeed3a42c43a40ff06d3e3dbd
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651
d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d623feacd2078cebfdcd9527cdefbbd04e9c95dae7ac4dfc8c4942c4d107ba94
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8b5d59d6004bd8a9c1c6000a0421b32cd360819b7192918d00cef4516f66a2d
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
d9b18570e5896f6247bb318f5fe61a11772c3015e5626253dd70881251c60db9
de489c063335acc7c5fdbd2dae9608e8b55d4f8e6ef41d722d916e288c5b9d34
dfa2bdb1db0f386034afe7bfb18d49710c95471452f1a4914826333fc51b7f41
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb90bf2dd6c52461f21742878e64a32df469fe701e30e6a4040cc2a5745775f2
ed2c498a761170ddb9c3f590b1b6d120d7a8c7debbc5079b99951db43c036862
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238
f3b1a8c30c2b627ea75987ccd3c375106446496ddb8015449b30b5b08e5e97e7
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

dundapost.com Open in urlscan Pro 104.161.23.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

99 %HTTPS

54 %IPv6

26 Domains

35 Subdomains

32 IPs

4 Countries

2881 kBTransfer

6979 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dundapost.com Open in urlscan Pro
104.161.23.5 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

99 %
HTTPS

54 %
IPv6

26
Domains

35
Subdomains

32
IPs

4
Countries

2881 kB
Transfer

6979 kB
Size

0
Cookies

190 HTTP transactions
14 data transactions