urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On November 23 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 103 IPs in 18 countries across 104 domains to perform 708 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
2 104.18.2.81 13335 (CLOUDFLAR...)
1 2 88.212.202.52 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
5 28 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.198 39134 (UNITEDNET)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 77.123.132.42 35680 (VOLIA)
69 2a00:1450:400... 15169 (GOOGLE)
2 21 146.0.227.109 20773 (GODADDY)
13 146.0.227.107 20773 (GODADDY)
2 6 185.184.8.90 204995 (RTB-HOUSE...)
10 14 37.252.171.149 29990 (ASN-APPNEX)
10 11 185.64.190.79 62713 (AS-PUBMATIC)
16 28 142.250.184.226 15169 (GOOGLE)
4 4 185.64.190.80 62713 (AS-PUBMATIC)
1 5 198.47.127.20 3257 (GTT-BACKB...)
2 3 37.157.6.254 198622 (ADFORM)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 5 185.172.90.251 49981 (WORLDSTREAM)
6 51.89.9.251 16276 (OVH)
4 185.239.172.58 55081 (24SHELLS)
4 8.2.108.194 46636 (NATCOWEB)
2 82.145.213.8 39832 (NO-OPERA)
4 4 3.126.56.137 16509 (AMAZON-02)
3 3 188.42.34.64 7979 (SERVERS-COM)
10 10 18.195.183.89 16509 (AMAZON-02)
2 2 99.81.44.108 16509 (AMAZON-02)
3 23.23.180.179 14618 (AMAZON-AES)
1 2 144.76.118.200 24940 (HETZNER-AS)
2 8.2.110.206 46636 (NATCOWEB)
2 193.200.65.6 6681 (GIVEME-CLOUD)
2 2 83.222.114.187 42632 (MNOGOBYTE...)
1 183.110.238.136 4766 (KIXS-AS-K...)
3 3 199.115.119.227 30633 (LEASEWEB-...)
1 1 51.68.39.188 16276 (OVH)
4 185.83.70.2 55081 (24SHELLS)
1 3 194.247.175.26 196831 (BEMOBILE-AS)
2 3 104.18.33.19 13335 (CLOUDFLAR...)
4 72.251.249.9 32475 (SINGLEHOP...)
6 2a02:2638::24 44788 (ASN-CRITE...)
11 28 52.72.183.146 14618 (AMAZON-AES)
12 185.172.90.250 49981 (WORLDSTREAM)
8 185.172.90.252 49981 (WORLDSTREAM)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 4 23.203.77.3 16625 (AKAMAI-AS)
8 23.205.235.133 16625 (AKAMAI-AS)
4 205.234.175.175 23352 (SERVERCEN...)
1 27 2606:4700:10:... 13335 (CLOUDFLAR...)
3 4 35.227.248.159 15169 (GOOGLE)
5 7 37.157.3.20 198622 (ADFORM)
5 3.33.220.150 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2607:ae80:128... 26558 (FREEWHEEL)
3 6 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 99.81.119.147 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
2 2 185.86.137.131 201081 (SMARTADSE...)
7 54.77.35.234 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.76.86.77 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 54.229.209.150 16509 (AMAZON-02)
1 162.55.233.29 24940 (HETZNER-AS)
3 3 151.101.194.49 54113 (FASTLY)
1 1 13.32.99.36 16509 (AMAZON-02)
1 1 34.230.201.103 14618 (AMAZON-AES)
2 4 54.239.33.158 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
4 4 3.248.82.49 16509 (AMAZON-02)
1 4 69.173.144.139 26667 (RUBICONPR...)
2 67.202.105.33 32748 (STEADFAST)
3 35.214.223.115 15169 (GOOGLE)
5 23.35.236.201 16625 (AKAMAI-AS)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 4 35.186.253.211 15169 (GOOGLE)
4 28 62.149.1.122 15497 (COLOCALL ...)
3 3 108.128.22.128 16509 (AMAZON-02)
4 4 213.19.147.44 3356 (LEVEL3)
3 2a00:1450:400... 15169 (GOOGLE)
5 69.173.144.138 26667 (RUBICONPR...)
50 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 65.9.66.97 16509 (AMAZON-02)
4 212.83.160.162 12876 (Online SAS)
2 2 185.29.134.244 30419 (MEDIAMATH...)
3 12 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.169 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
3 3 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 15.235.15.221 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.156.8.143 16509 (AMAZON-02)
10 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 3 185.80.39.216 27381 (CASALE-MEDIA)
4 3.125.70.222 16509 (AMAZON-02)
10 34.149.12.213 15169 (GOOGLE)
2 173.194.76.157 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 23.35.237.56 16625 (AKAMAI-AS)
90 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.194 15169 (GOOGLE)
1 1 35.157.182.139 16509 (AMAZON-02)
2 3 54.171.34.58 16509 (AMAZON-02)
1 1 44.194.228.115 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.54.172 213230 (HETZNER-C...)
1 72.251.241.196 32475 (SINGLEHOP...)
1 1 141.94.240.141 16276 (OVH)
1 1 141.94.171.212 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.171.85 29990 (ASN-APPNEX)
1 1 54.235.189.154 14618 (AMAZON-AES)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
1 178.250.2.146 44788 (ASN-CRITE...)
708 103
56    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
2    104.18.2.81 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
i.i.ua
r.i.ua
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
28    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
13    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
5    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
69    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
13    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
14    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
11    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
28    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
3    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    185.172.90.251 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net
ads.us.e-planning.net
6    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.239.172.58 (United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
4    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    188.42.34.64 (Odesa, Ukraine)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
10    18.195.183.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-183-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    99.81.44.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-44-108.eu-west-1.compute.amazonaws.com
r.scoota.co
3    23.23.180.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-180-179.compute-1.amazonaws.com
cs.yellowblue.io
2    144.76.118.200 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de
exchange.buzzoola.com
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
2    83.222.114.187 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
3    199.115.119.227 (Pittsburgh, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
4    185.83.70.2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
3    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
3    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
28    52.72.183.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-183-146.compute-1.amazonaws.com
a.audrte.com
12    185.172.90.250 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: s.e-planning.net
s.e-planning.net
8    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
4    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    205.234.175.175 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
27    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
7    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2607:ae80:128:1::48 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    99.81.119.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-119-147.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
2    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
7    54.77.35.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.229.209.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-209-150.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.32.99.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-36.fra60.r.cloudfront.net
engine.widespace.com
1    34.230.201.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-201-103.compute-1.amazonaws.com
usermatch.krxd.net
4    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
e.dlx.addthis.com
4    3.248.82.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-82-49.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
5    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
28    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
sync.console.adtarget.com.tr
3    108.128.22.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-22-128.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
50    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
4    212.83.160.162 (Mairieux, France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.169 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a05:d018:d29:3602:2c64:3412:9e4:7e3a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    35.156.8.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-8-143.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
10    2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
10    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
2    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
bid.g.doubleclick.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
90    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
1    35.157.182.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com
d.agkn.com
3    54.171.34.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-34-58.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    44.194.228.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.94.240.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh
green.erne.co
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.235.189.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-189-154.compute-1.amazonaws.com
sync.ipredictive.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
119 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
2 MB
90 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
919 KB
58 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
bid.g.doubleclick.net — Cisco Umbrella Rank: 672
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
261 KB
53 zdorovia.com.ua
zdorovia.com.ua
1 MB
44 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 561
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 822
image6.pubmatic.com — Cisco Umbrella Rank: 662
ads.pubmatic.com — Cisco Umbrella Rank: 458
simage2.pubmatic.com — Cisco Umbrella Rank: 671
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
aud.pubmatic.com — Cisco Umbrella Rank: 4434
56 KB
33 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8982
file.adpartner.pro — Cisco Umbrella Rank: 262914
61 KB
29 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3402
s.e-planning.net — Cisco Umbrella Rank: 5574
u-ams03.e-planning.net — Cisco Umbrella Rank: 65304
i.e-planning.net — Cisco Umbrella Rank: 5645
15 KB
28 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1771
21 KB
27 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2717
mwzeom.zeotap.com — Cisco Umbrella Rank: 2386
8 KB
27 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 46950
inv-nets.admixer.net — Cisco Umbrella Rank: 2481
105 KB
26 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5816
sync.adtelligent.com — Cisco Umbrella Rank: 4017
14 KB
23 go2net.com.ua
scripts.go2net.com.ua — Cisco Umbrella Rank: 850068
ads.go2net.com.ua — Cisco Umbrella Rank: 264311
316 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
47 KB
20 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 448
rtb0.doubleverify.com — Cisco Umbrella Rank: 649
tps.doubleverify.com — Cisco Umbrella Rank: 457
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9195
473 KB
19 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
5 KB
15 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 744
tags.crwdcntrl.net — Cisco Umbrella Rank: 984
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
69 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
13 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
dis.criteo.com — Cisco Umbrella Rank: 631
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
10 KB
10 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 17504
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 17048
4 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
10 adform.net
adx.adform.net — Cisco Umbrella Rank: 3954
dmp.adform.net — Cisco Umbrella Rank: 4100
cm.adform.net — Cisco Umbrella Rank: 1373
c1.adform.net — Cisco Umbrella Rank: 582
4 KB
7 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3108
adservice.google.co.uk — Cisco Umbrella Rank: 5214
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
284 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1473
us-u.openx.net — Cisco Umbrella Rank: 407
983 B
6 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2549
70 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
5 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
cms.analytics.yahoo.com — Cisco Umbrella Rank: 835
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
6 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054
creativecdn.com — Cisco Umbrella Rank: 612
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
5 KB
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5458
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
2 KB
4 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 44056
853 B
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24650
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22314
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
1 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4787
516 B
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9992
3 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3206
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13081
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
865 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 530
usermatch.krxd.net — Cisco Umbrella Rank: 1283
934 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7303
loada.exelator.com — Cisco Umbrella Rank: 25718
2 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 164907
639 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 6442
1 KB
3 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 4958
840 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1902
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
37 KB
3 nashamama.com
nashamama.com
40 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4014
625 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1487
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1226
344 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
1 KB
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6453
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
d.agkn.com — Cisco Umbrella Rank: 621
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1338
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1315
750 B
2 com.ru
rtb.com.ru — Cisco Umbrella Rank: 42782
2 KB
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 111973
702 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 17145
1020 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 19525
543 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32840
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1729
842 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 170326
i.bigmir.net — Cisco Umbrella Rank: 364102
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
55 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 424333
r.i.ua — Cisco Umbrella Rank: 174278
4 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 830
554 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1949
534 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
191 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
370 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16063
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6159
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
277 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
615 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
104 B
1 gstatic.com
www.gstatic.com
14 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 64662
482 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1870
359 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10937
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 636
161 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 2774
523 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 16988
904 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
40 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 715
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
85 KB
708 104
Domain Requested by
90 s0.2mdn.net zdorovia.com.ua
s0.2mdn.net
googleads.g.doubleclick.net
69 pagead2.googlesyndication.com file.adpartner.pro
pagead2.googlesyndication.com
scripts.go2net.com.ua
googleads.g.doubleclick.net
zdorovia.com.ua
tpc.googlesyndication.com
www.googletagservices.com
bid.g.doubleclick.net
s0.2mdn.net
53 zdorovia.com.ua zdorovia.com.ua
50 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
zdorovia.com.ua
s0.2mdn.net
28 a.audrte.com 11 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
28 cm.g.doubleclick.net 16 redirects zdorovia.com.ua
spl.zeotap.com
googleads.g.doubleclick.net
28 a4p.adpartner.pro 5 redirects zdorovia.com.ua
a4p.adpartner.pro
22 sync.adtelligent.com 2 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
22 mwzeom.zeotap.com 1 redirects spl.zeotap.com
zdorovia.com.ua
21 inv-nets.admixer.net 2 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
14 ib.adnxs.com 10 redirects zdorovia.com.ua
spl.zeotap.com
scripts.go2net.com.ua
googleads.g.doubleclick.net
13 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
13 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
12 simage2.pubmatic.com 3 redirects ads.pubmatic.com
zdorovia.com.ua
12 s.e-planning.net ads.us.e-planning.net
11 image8.pubmatic.com 10 redirects zdorovia.com.ua
10 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
zdorovia.com.ua
10 x.bidswitch.net 10 redirects
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
8 googleads4.g.doubleclick.net zdorovia.com.ua
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
8 u-ams03.e-planning.net ads.us.e-planning.net
vid.vidoomy.com
6 sync.console.adtarget.com.tr 2 redirects s.console.adtarget.com.tr
6 www.googletagservices.com googleads.g.doubleclick.net
6 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.co.uk pagead2.googlesyndication.com
6 bidder.criteo.com static.criteo.net
6 onetag-sys.com ads.go2net.com.ua
s.adtelligent.com
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 ads.pubmatic.com s.adtelligent.com
ads.pubmatic.com
5 bcp.crwdcntrl.net spl.zeotap.com
tags.crwdcntrl.net
5 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
ads.pubmatic.com
5 dmp.adform.net 4 redirects spl.zeotap.com
5 spl.zeotap.com ads.us.e-planning.net
ads.pubmatic.com
5 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 tpsc-eu3.doubleverify.com cdn.doubleverify.com
4 tps.doubleverify.com cdn.doubleverify.com
4 ps.eyeota.net s.adtelligent.com
zdorovia.com.ua
a.audrte.com
4 js.cookieless-data.com s.e-planning.net
4 token.rubiconproject.com eus.rubiconproject.com
4 sync.1rx.io 4 redirects
4 rtb.openx.net 3 redirects googleads.g.doubleclick.net
4 pixel.rubiconproject.com 1 redirects spl.zeotap.com
s.adtelligent.com
4 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects spl.zeotap.com
ads.pubmatic.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 i.e-planning.net ads.us.e-planning.net
4 secure-assets.rubiconproject.com 4 redirects
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
4 ups.analytics.yahoo.com 4 redirects
4 us.ck-ie.com zdorovia.com.ua
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image2.pubmatic.com 4 redirects
4 creativecdn.com 2 redirects zdorovia.com.ua
scripts.go2net.com.ua
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 cms.quantserve.com 3 redirects
3 partner.googleadservices.com pagead2.googlesyndication.com
3 ad.360yield.com 3 redirects
3 csync.loopme.me s.adtelligent.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 idsync.frontend.weborama.fr 2 redirects
3 ssum-sec.casalemedia.com 2 redirects zdorovia.com.ua
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 sync.lemmatechnologies.com 3 redirects
3 cs.yellowblue.io zdorovia.com.ua
ads.pubmatic.com
3 ads.betweendigital.com 3 redirects
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 gum.criteo.com 1 redirects static.criteo.net
2 uipglob.semasio.net 1 redirects zdorovia.com.ua
2 visitor.fiftyt.com 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 e.dlx.addthis.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 bid.g.doubleclick.net cdn.doubleverify.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 rtb.mfadsrvr.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ic.tynt.com s.adtelligent.com
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 rtb.com.ru 2 redirects
2 m.trafmag.com zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 r.scoota.co 2 redirects
2 t.adx.opera.com zdorovia.com.ua
scripts.go2net.com.ua
2 adx.adform.net 1 redirects zdorovia.com.ua
2 prebid-eu.creativecdn.com scripts.go2net.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 mug.criteo.com
1 cr.frontend.weborama.fr 1 redirects
1 sync.ipredictive.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com zdorovia.com.ua
1 aud.pubmatic.com zdorovia.com.ua
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 d.agkn.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cm.adform.net 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dsp.nrich.ai 1 redirects
1 idsync.admixer.co.kr zdorovia.com.ua
1 static.criteo.net scripts.go2net.com.ua
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
708 156

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-01 -
2022-11-30		 3 months crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-29 -
2022-12-28		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.mobfox.com
R3		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-25 -
2022-12-24		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 150 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 89799BEDBE655602D07BD130E17BCF69
Requests: 146 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: E391E98B8CCFB05EC28C6F2EBCC30D70
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: D61FFFAA57A3D5F66FDDC8D23668D6F8
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=92005143690506380&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 03825FBA4F31AB5E5E657EF26BA6E961
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: AEC0FD5A2E2768D033DAE9787F324C34
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 835F57F5D72B64B8605D3033F00ADF1C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 7896B6BAD1AC9E320E33200F97E2C12D
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_92005143690506380&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Ff6294f0f-e729-4bdc-b28f-761c055acf36%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D676d187b190c7157f4c37b8beb6ce1b1
Frame ID: 3CAAF02C3C40C8461B8E6F53047AEDC5
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 2C6664453E2EDCBC640891DC855DFC8F
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 6D85AA8626E6D699C07AE57096E93E63
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 71C7F55E56EB9EDF5124E54DA9198B3B
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 48498036182D47CBB331D524A89C1A57
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: A1366C59A27377F5FD60664C0C452594
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2310543992&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091077&bpp=14&bdt=197&idt=284&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517354019158&frm=22&ife=1&pv=2&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.jjdeic54bucn&fsb=1&xpc=AW8QE0jNoR&p=https%3A//file.adpartner.pro&dtd=312
Frame ID: D677168E6DE013A31273C402EEA14EA8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 0085CE1901361136FE189D62EE72D6F1
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 5020F39C0467F75667814078C4957C1D
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: B535F73F06030ABE4CA28E3E24A97ED7
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Frame ID: 63E74B1D3F13162C12B18F46BC0711A8
Requests: 11 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 668179519C2BE8169FE0A7B2C68DDAE6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 01CCBEDA066993FDEE5B941CC490B2FD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 3C9F6950F4DED8FE599C1C56480D52E0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 9CD19249D4A8A88B74D248DF164F86FE
Requests: 8 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 787D12C0CEA2F7F72FF00EC547073870
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 30645C723FCE5DDF139E64C5594AF27C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: E2F7E797D9A18E1C74536F5F8C057377
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: A8004FEACA699B7A73B4057CE43DB960
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: D981FBCD54FF385F8B73847A2C136B30
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 6DFC026E9224F6B2D454D562752FFCB3
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: E939EECE63845C9D3424D339DEA9D274
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Frame ID: EB1C407CD230E09A517C276C55E51C93
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C2791B35D1E0C191A158D62F5A8D511B
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 6DA817C1C37A2113A56ED8AFF634B1F8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Frame ID: ADBF2D1A5DEDA4F5E03D4746D4D8A282
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 6F06FF727E965AA4057984CB65EEBB3F
Requests: 4 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D84D9D823B69AEF91C6C683B2A05D0F7
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 4E682E95FB741C9A440FF9D5DDF6D8A9
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 5E787E683D017C24CA362C9850B3E846
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C24164AC935E584F50AE2BAE44243746
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Frame ID: AAFE141BD355CE1697411CE1E413EB4E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 5E89ED250F3F614A47C378AD33AF1483
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BE63A7A9F79D22A22B5862049E599F7B
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=b2fa57c77b829b93&uid=f480e52263601e65ea80c40c597af449
Frame ID: 1D0DAF883CA0B382B4718A9389D9E954
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADAxld9Q1WPJ3fmG
Frame ID: BD801151B90E06E84E96028A60ECB786
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=wTexWmdAG4YFBWa8Ajjx&pi=admatic
Frame ID: B2F4F0110FE39EF6D22D91B1310F2341
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Frame ID: 4E7ACEFD6D6BFF06EDC965EA4D2CC363
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Frame ID: 6958DE9CF8BD48DBD21F6C6E09E42363
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8510913750865436768
Frame ID: 3A0324E3DD13C92C030667D222DF47EA
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 392665AA10CD4A7CB25AC474151BF419
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=b2fa57c77b829b93&uid=f66c2b0869940a26a878505394b8e720
Frame ID: 5B93BF302EB1BC6391AFE22B86A00ADB
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADAxld9Q1WPJ3fmG
Frame ID: 9575E5B698AAE8760EAF07D89B36C036
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 42F711C9F5B79FE31451EF4A8941DBF8
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 3BE4FEE9E8846CBD8A8B90165090AF6C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Frame ID: 6282F5380F0499799DB9CBC2E2FCE170
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Frame ID: 0E56E7B68FA736B5C304E0B98930D17C
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Frame ID: 1F55D480A3A56581C04EEA3CF395CD05
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EBEBE8AA05B06543693FE872587522C1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 5BA6E9C7F0155AB39FF5B8582D0F86E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3740268398524048266&gdpr=0&gdpr_consent=
Frame ID: 88B795746331CB30552AC41EB2291142
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/1540EA77-AB19-43EC-AD22-9A8D43F3C8DE?gdpr=0&gdpr_consent=
Frame ID: 6BE47A660A9A49A99893DBD6A6096F6D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Frame ID: 1843C4E36C36010F14347D5AD9DF88A6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 7C46F2CFDFF4EE3C2013E528FB4BB784
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 9408E7E93CFC7ED3047A8C0B05DB43EC
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 1C34F6C184059FB4FEAAEC6BC4A121CD
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: D78612D0ADB09A4719FD4C7B946C7D6E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55BEC2E1ED92DDC2B2C10AA60D83A609
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 300C62EC967A678375685F88895209CA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Frame ID: C1E1B5239127F1FAB59D68C2B97BFD08
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 0C1CCEEBC8A1D618C11E08B2D3B34083
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 3AACA2BB65C6DD2F6D8A7D828595A8CA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 45F56CEC1C7BA46F2E5E0B6080673F16
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: C257A75E289B782F6D20B67A7C1319DC
Requests: 2 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Frame ID: E9260EFDBD15688BA0D5C214EFB461E0
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: B3D5B451F151E5254E8A461783E29490
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: EE8F35A73B153F4ABEEBC366E5A3A2DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 7CDE476C4D22FB4395ABEB795634B465
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 1742FA332B870AF628101F5618C00B55
Requests: 4 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 15D1676B503FB95E066791E8AF18F5C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 513A752A862E47466D38E1BCDB695833
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 167AE2077AC93FB11317919FCC13FE3F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html
Frame ID: F2E6C244E1F3F973CBD5BE2CBEE0442F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cv3nGe4t9Y4G8OJWLjuwPoeaFiAqblqHNaYjqm9zwBtzLqPzoChABIKzk9ghgu4aAgNAKoAGF2YbSA8gBCakCp9rtKcPxsz6oAwHIA0iqBMwBT9BL0cPQnt-pF7KNAbRBNrk0sBt1FcVY5UT3e0EHA6hgCrcbJ1PN4HplJufHiYkR_60_bNb6-n81txg42gmaevdHHz_rrxRPiTJbLe9iokEMttn_euzvjId6DEZ0jN0ZXE8MAPTAxK5O8fvqwsvAQrCwb69KJgVTfB7DX8R9thZPCXRXvxPxSx4m_J7zJZQuiSINEDam64fIi-NjxeHgSSNz-QYKLOu5DB7oxTWEu1KOMEtsKSlNTvhD56Pb8peM211i8enDcgy1i302wASVyuudoQGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH46b5LagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEITEDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTQ1NzcyNTQ0MzU1OTcxMDQYAA&sigh=PZrsLv361FU&uach_m=[UACH]&cid=CAQSKQDq26N9sfDzHRxk7XfVC-8GpQjZxAJcmjd8sS0FncdEAG7LQUTZorctGAEgEw&template_id=419
Frame ID: 06723BE5996B362D2131A1C5011093D2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: CBBFFD69E091FBBE1E976370E76B5DC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Frame ID: D4568E80BDDE947959DFFA924D4FEDC4
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 6CCE08335AB2556AAB5497019615ACCE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 96B3A1D13352EE49578EBC0A1DEB9BFF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 120F75C1031EC3835AFDED190E057CB3
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: CC40F1F527351A4D55755175CA7A1460
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 6BE8F6F895B12AEF335C9BA33E3A6410
Requests: 3 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 6D062B4F784C3869E28156515EEAA1C7
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: FA7E1F63D8DDE14D5DBAD0E3821D344E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1ADE328F8C1B267269CCC21E5E9C5542
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: F114E59BAA5CC09BC12F2DC109E34A66
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7a666ecd51ae352c&uid=f480e52263601e65ea80c40c597af449
Frame ID: E8AF197F787A560BFAEC51D06FA39AE2
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADAxld9Q1WPJ3fmG
Frame ID: DEFAD45E727DDF3D042E03B5EF003CED
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F3a5a9d6d-9e9a-4529-a22b-82af7384ba38%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkyLCJzaG93X2lkIjoiM2E1YTlkNmQtOWU5YS00NTI5LWEyMmItODJhZjczODRiYTM4IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Def83b6bc83581b1315c4e4c643ce8f72&showId=3a5a9d6d-9e9a-4529-a22b-82af7384ba38&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Frame ID: 9470C3910768871103EB6DC7F7FD1ED1
Requests: 8 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 84BE1D00C2BB3798AC45664F46E6885C
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7a666ecd51ae352c&uid=f66c2b0869940a26a878505394b8e720
Frame ID: 6C72BABEEAE2AD59690C6B5F84B0C417
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADAxld9Q1WPJ3fmG
Frame ID: FFAD1EC49220E484521513D76EEF40D3
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 4EA43BD7EC9897479B83BD2176F5EEBC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 31898817A20A81AE605D9115DD53BB30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 233A0E4E66C14AAAF21C2A40244D64CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8936BE7FB2185EEB43F0C370A2743F6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 99D72CB16D673BB11FDE3FBC83AB2AEA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A628082154E23A66C0666BC15E7E3AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 125B0DC5F678641B78DD0A201F52164D
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2d0adcf5-3781-4e0a-a8ea-0d58b78b519e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkzLCJzaG93X2lkIjoiMmQwYWRjZjUtMzc4MS00ZTBhLWE4ZWEtMGQ1OGI3OGI1MTllIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dec5eb7b6e0a59949d2ac1f550d71d351&showId=2d0adcf5-3781-4e0a-a8ea-0d58b78b519e&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Frame ID: 3D916E35E17BF4F739F12836D6448E0E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Frame ID: D12E1C887E7301D48A5D680732FEE378
Requests: 5 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 424687D4A2C04B781A78F32B12C62506
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 1850E3B3AB12E9DBA1B6789AD3BBBBBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Frame ID: C3A1C200A89F5CF4760BD6363D67A428
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQnPDewQIY0ZbY1wEwAQ&v=APEucNWoKSQB8yD1lR1ckSzQyTUZW2g21uoJVvK3J2sd3OqXRLCpHPaUbTZqrjehdlkeXfMMJlCYnvCsGHYkWnMKJqmaIv24sw
Frame ID: 92721F4D3AEF1AD55740737D424416B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F24FB558700C873E3EB514C02CFB9EF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Frame ID: 159038683DC8785914941240C61B7576
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Frame ID: 746EBB74D79454806419195254260372
Requests: 25 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3225.js
Frame ID: 1BEF26BBBD242CC465CB9D6C3AC82E17
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D436E3BC7F205BA01070ACD0BBC4E2CB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3225.js
Frame ID: 6026810B2032A7F5307F7E28151DA9A2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQnPDewQIY66yj2AEwAQ&v=APEucNVdQwFj8KamRw0UQKS2-NwlNJ0s-rxK5Y3ZglsGEDbEB99S_W6DyDF2ZljopvBxM1LO9uOzY7TFMXffwdl3YCPkEzbrsQ
Frame ID: 403A318F8B89B13601D6DE4663F21750
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Frame ID: DB3947070CDB76D0A5AB3AC4CD3A4FC3
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Frame ID: 5FA792930B92EDA9601F98E04BB1547F
Requests: 20 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3225.js
Frame ID: 3239004CEBC3E23C89B53362564AA400
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3EEF60006B983A1BE4AEC03C6EE82CDC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3225.js
Frame ID: 2F3A6E9AD5E02383554A4D7135E728EC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A537394A301F0A192B871B8D28FB557
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Frame ID: 6BC4A7C6AAC6F8C5ECA83DE2D9752F9C
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7169039542254237838&gdpr=0&gdpr_consent=
Frame ID: 91A101D2DE5700061C6EAAF32F02D1BE
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: AB3B802E9143F4C9E1B92E5443C2532E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oywzxlZ-TQZkjoxdHLND8NmKxGQ
Frame ID: 5B348BB6271771750A9A07AD364516C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y32LfAAKFdI0aAA7&gdpr=0&gdpr_consent=
Frame ID: 335F401317FD95A54DEB968EC8792E59
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: A46D1C093E157D434ADA182E69C7E610
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BF4E1132344633A969DCC671737B9241
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CE92DF317E214D94AAE76BD257025107
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 91A236935B4F0BA68383C6857B390A52
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8548484106
Frame ID: 58C83E0722D77B78F197F519C9A32FDC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 90DBB1D0E4F115EFC07CB5FCFCE5BA57
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QYgjbQnWMURggSVh
Frame ID: C81CA681149CEAD48840ED846038FB25
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 34FC1C52245C9A4E5507E3DBA16C40BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6E0864F3955409AAE0AC8EBB77074AF&gdpr=0&gdpr_consent=
Frame ID: A49AE5D99CFC8DC02137497EC002D7F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Frame ID: 67480379BC1CBDEE9A05361A7D0EEF9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0ED2CC4BA5B04063B173C5F87A774463
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 910B78A480A372AEB5C8EB056C51402A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEB41168D70D75D3C21C261EF5582A64
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1245F196734AA6C7FBBF877154F7A138
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: ADBB1A106D0ACEB84CA5979A0C0440AE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Frame ID: F6D7E6D52D8584DFA711256F967524BD
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Frame ID: CF14EC74D9B00ABEEDB8737E193750F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Frame ID: 81581A5BA1E50437BE1F1020AD1F6272
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 359AE39C2B2F19B650135CF1B8799467
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1600A4D30A457C4FBB906C1EA0079700
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: AAE3F458B1690F12004DBD014047EF28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

708
Requests

78 %
HTTPS

23 %
IPv6

104
Domains

156
Subdomains

103
IPs

18
Countries

6067 kB
Transfer

14268 kB
Size

163
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.14831613330983773 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.14831613330983773 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.14831613330983773
Request Chain 67
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n205443&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 70
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1847303767&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=840456366&utmr=-&utmp=%2F&utmht=1669172090176&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1022265231.1669172090.1669172090.1669172090.1%3B%2B__utmz%3D148597372.1669172090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2010572012&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1847303767&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=840456366&utmr=-&utmp=%2F&utmht=1669172090176&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1022265231.1669172090.1669172090.1669172090.1%3B%2B__utmz%3D148597372.1669172090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2010572012&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767&slf_rd=1&random=2981487750
Request Chain 96
  • https://ib.adnxs.com/setuid?entity=533&code=d364e212501d4e3d804c2267b01abaeb HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd364e212501d4e3d804c2267b01abaeb
Request Chain 97
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 98
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU0MEVBNzctQUIxOS00M0VDLUFEMjItOUE4RDQzRjNDOERF&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU0MEVBNzctQUIxOS00M0VDLUFEMjItOUE4RDQzRjNDOERF&gdpr=0&gdpr_consent={consent}&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D1540EA77-AB19-43EC-AD22-9A8D43F3C8DE HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Request Chain 99
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 101
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 106
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zq9wkTZE2uHhrv1qu1YmLe9KLMQ5jm58MDcPDTI-~A
Request Chain 107
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bc75d50b-8dab-5247-a8a3-d173cbde5a08
Request Chain 108
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=d364e212501d4e3d804c2267b01abaeb&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=d364e212501d4e3d804c2267b01abaeb&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=bf160c69-9d66-4d7b-9c0f-dbedc0395ec2&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&consent=&gdpr_pd=
Request Chain 109
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Request Chain 110
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=d364e212501d4e3d804c2267b01abaeb HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d364e212501d4e3d804c2267b01abaeb
Request Chain 112
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b396dead-d407-4521-bd1c-20b0ee5894fe
Request Chain 114
  • https://rtb.com.ru/admixer-sync?uid=d364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=d364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=637d8b7b05f70871e6834211&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D637d8b7b05f70871e6834211%26duid%3Dd364e212501d4e3d804c2267b01abaeb%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D637d8b7b05f70871e6834211%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D637d8b7b05f70871e6834211%252526i%25253D1588572724668968874%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D637d8b7b05f70871e6834211%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D637d8b7b05f70871e6834211%2525252526nc%252525253D2226515579124781670%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D637d8b7b05f70871e6834211%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FX78iaYfnPGSuvewK8yPYGH%2525252525253Fsign%2525252525253D190296490%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Fmc.yandex.ru%252525252525252Fwatch%252525252525252F65195605
Request Chain 116
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dd364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=3381dc13-6ada-11ed-b3f8-801844df0ab8 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=bc75d50b-8dab-5247-a8a3-d173cbde5a08&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=9e649be7-33c8-4031-a1f7-94900454b0f2 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=3381dc13-6ada-11ed-b3f8-801844df0ab8 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=589c8d80-bc6f-4a24-9155-6b69c32c5d85&expires=1&user_group=5&ssp=lemma&bsw_param=9e649be7-33c8-4031-a1f7-94900454b0f2 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=9e649be7-33c8-4031-a1f7-94900454b0f2 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d364e212501d4e3d804c2267b01abaeb3381dc13-6ada-11ed-b3f8-801844df0ab8
Request Chain 118
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF2D8EBCEF664007890F3520B12A7E92&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
Request Chain 120
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 130
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db2fa57c77b829b93%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Request Chain 135
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 140
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 155
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=aa0c1ee7-0a31-45de-aed6-81240d8b4d73&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 160
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 161
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dab3b1b2-2ac2-42a9-a26e-a62a2a3e5af4&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 162
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=69322004840513710122150382449058956049&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 164
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7169039542254237838&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 165
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
Request Chain 166
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361&bounce=1&random=801022954 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=B1jQj/7QPowGdWhsIKT5/e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 167
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 169
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-Xvo5ZE5E2opGmVCzm4yULYb8eQhL4NvtWA--~A&zpartnerid=570&env=mWeb
Request Chain 170
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=In0q0dN0j7amaDMYkbziUhGD46KFgE7%2F%2BS41iYitP1U%3D
Request Chain 174
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361&_test=Y32LfAAKFdI0aAA7 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y32LfAAKFdI0aAA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&_test=Y32LfAAKFdI0aAA7
Request Chain 175
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.36f07513-a644-4c26-9504-9de2f35fbe24&zdid=1361
Request Chain 176
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PNxge8NR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
Request Chain 177
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&dcc=t
Request Chain 179
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 181
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9e649be7-33c8-4031-a1f7-94900454b0f2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Request Chain 200
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
Request Chain 201
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Request Chain 202
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3740268398524048266
Request Chain 203
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
Request Chain 204
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Request Chain 205
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1669172091814 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655457274
Request Chain 206
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Request Chain 216
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db2fa57c77b829b93%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Request Chain 218
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 239
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3Df1791c92-fe18-4844-6685-fae335a700bc%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=f1791c92-fe18-4844-6685-fae335a700bc&zdid=1361
Request Chain 249
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=wTexWmdAG4YFBWa8Ajjx&pi=admatic
Request Chain 252
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8510913750865436768
Request Chain 253
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:36e6637d-8b7c-4200-b477-a05274394952&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Request Chain 265
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7141305549775566278 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Request Chain 267
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 268
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3740268398524048266&gdpr=0&gdpr_consent=
Request Chain 269
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/1540EA77-AB19-43EC-AD22-9A8D43F3C8DE?gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9cce637d-8b7c-4800-ae67-3b9c2047dcda
Request Chain 273
  • https://pixel.onaudience.com/?partner=214&mapped=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=01a4233b05c4fe2e1b237b7eab4f6afa&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=d3ac1de4f69aa85b
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFdZnj6DEk_DXw2CJZHfttM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uTkJ1TtE2uVfGsOPt8yrIPNJvntLNXc-~A&gdpr=0&gdpr_consent=
Request Chain 276
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8510913750865436768 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Request Chain 278
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 292
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd364e212501d4e3d804c2267b01abaeb HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=0 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=9e649be7-33c8-4031-a1f7-94900454b0f2 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=9e649be7-33c8-4031-a1f7-94900454b0f2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=339cf93d-b6a4-48d7-b9b9-ae93c2e389eb&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 308
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7a666ecd51ae352c%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Request Chain 313
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 322
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7709510073
Request Chain 324
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
Request Chain 326
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Request Chain 327
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
Request Chain 329
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
Request Chain 333
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y32Lexf10MiJyhZhOhh3aAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH2L7AIweyL3OmQvt4UNkKA&google_cver=1
Request Chain 335
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MDI2ODM5ODUyNDA0ODI2Ng%3D%3D
Request Chain 352
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3Dc227a723-c118-4609-412d-965f748ab96d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=c227a723-c118-4609-412d-965f748ab96d&zdid=1361
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7a666ecd51ae352c%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Request Chain 370
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Request Chain 378
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 396
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3D63bafef1-fc11-4eb6-57be-401c3912eb64%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=63bafef1-fc11-4eb6-57be-401c3912eb64&zdid=1361
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27mtjstlEYCRSaaeeLIjlVFGQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27mtjstlEYCRSaaeeLIjlVFGQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 411
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8510913750865436768 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 412
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8510913750865436768 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 430
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELX4QUZfew-Q0n8Ii6u6-AM&google_cver=1
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECKdIA1QcsHGdxbzwYEe2VM&google_cver=1
Request Chain 466
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8510913750865436768 HTTP 302
  • https://a.audrte.com/p
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 476
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8510913750865436768 HTTP 302
  • https://a.audrte.com/p
Request Chain 523
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED2A47MvZA1OlWaznPTDAGM&google_cver=1&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216dVOVYrbxqaoVbWMrXtX4HvEbUEZ747ME6pN9xc72ZOu HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216dVOVYrbxqaoVbWMrXtX4HvEbUEZ747ME6pN9xc72ZOu&google_hm=lJQenxYqxbPHWEpyQjZK_A
Request Chain 524
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEC_goKkI657rKBAbdkYfGGY&google_cver=1&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5&google_hm=Q0FFU0VDX2dvS2tJNjU3cktCQWJka1lmR0dZ
Request Chain 525
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDGWaNeQVuDw30i1wezzkpMeIMQ7AfM8&google_gid=CAESEAIxSdW2F144QKGEgmNOrZw&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDGWaNeQVuDw30i1wezzkpMeIMQ7AfM8&google_gid=CAESEAIxSdW2F144QKGEgmNOrZw&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjMwMjU0NTUwMDA1Nzc3MzYxMjYxOQ%3D%3D&google_push=ASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDGWaNeQVuDw30i1wezzkpMeIMQ7AfM8
Request Chain 527
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFqzCZQ4FCRPQq228bTHN3I&google_cver=1&google_push=ASkJ3FZcOe_ywUCiYj4tj-bPFLVSSDNEBOpkDrreoV-16vSLn1l5_Cj_ERndRDFElRcmA9-tidTyUl_W73pSaCrjmN1gpStvnorT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZcOe_ywUCiYj4tj-bPFLVSSDNEBOpkDrreoV-16vSLn1l5_Cj_ERndRDFElRcmA9-tidTyUl_W73pSaCrjmN1gpStvnorT
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcunONHl2Avp2jRpCs-ne0&google_cver=1&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkLhpSucgVktAwwjf4XF4fjl9wev HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMVlWMzMtMTgtSk5EVA==&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkLhpSucgVktAwwjf4XF4fjl9wev
Request Chain 529
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_cver=1&google_push=ASkJ3Fa4TPVSuAyN9BekvNUL4YWxzvKs0Rz9s--Wn74usjZMVC0CCn86AbtHTcY-5aMwuI0EWoTZfXCt6MR_j9C7wIxC5_Cb9ao HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_hm=Y32Lexf10MiJyhZhOhh3aAAAAsEAAAIB&google_nid=index&google_push=ASkJ3Fa4TPVSuAyN9BekvNUL4YWxzvKs0Rz9s--Wn74usjZMVC0CCn86AbtHTcY-5aMwuI0EWoTZfXCt6MR_j9C7wIxC5_Cb9ao
Request Chain 578
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECeZTWnRbWa7mvh8rfVb7eI&google_cver=1&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7ZEthGvBb62N3ncExbmTHnZ3tzTrwqKfPwko4yod88 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7ZEthGvBb62N3ncExbmTHnZ3tzTrwqKfPwko4yod88&google_hm=lJQenxYqxbPHWEpyQjZK_A
Request Chain 585
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7169039542254237838&gdpr=0&gdpr_consent=
Request Chain 586
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEV0JrN0cteGNBQUItejY4bk1rQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 587
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oywzxlZ-TQZkjoxdHLND8NmKxGQ
Request Chain 588
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y32LfAAKFdI0aAA7&gdpr=0&gdpr_consent=
Request Chain 590
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 593
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8548484106
Request Chain 595
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QYgjbQnWMURggSVh
Request Chain 597
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6E0864F3955409AAE0AC8EBB77074AF&gdpr=0&gdpr_consent=
Request Chain 599
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&addseg=11,34,40
Request Chain 600
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 602
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE HTTP 302
  • https://a.audrte.com/p
Request Chain 604
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3779534352676268122&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 605
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3de1acb7-13e2-487c-8e9f-0bbd5e2a5344&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 606
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3740268398524048266
Request Chain 607
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e7e0112f-fd32-488a-b344-d9a20a0a7347&gdpr=0&gdpr_consent=
Request Chain 662
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Request Chain 670
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3_7T73xiTk41Z3IzbS9mMGx1U014TFdPWC8yNWhPaytkaDVoSm9KWlYzdlpnRlhPYW1qNDEzVWVlVExvcE1peEEyL2ZqYnRtckR4cTZ4bDZPakdITVVjMDNwNy9HZHE1RnJZNnBCQTFRcll4V2FzNXBTQlkvNTRtcXJjeUJ4M3BMYkxUaldjOWEvMUZRajcydmIwZGlKdmhVV0ZCZDk2clBuZDB0ODY1K2pvWHo0bzg0QzJkTFozazZLTDBwSW03dTkwUEpiT2k5a05YV0p0YlQ2LzZNaW90dG5qdkw2dTBsRVhVajhlM3Q4ZWhncVVhWkdiajlYaFhMdHB0T1paRGhOelhOS1F3UlNCMjRKUlVMSjZyUHhOdXFBdz09fA&cppv=2

708 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		87 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
94510223561aeac6e0dbc30e9a6d5fd2c5fe11e800caebd6c4a5d13754c3a710

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Wed, 23 Nov 2022 02:54:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Fri, 23 Dec 2022 02:54:49 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Fri, 23 Dec 2022 02:54:49 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Fri, 23 Dec 2022 02:54:49 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Fri, 23 Dec 2022 02:54:49 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Fri, 23 Dec 2022 02:54:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 00:21:27 GMT
X-Content-Type-Options
nosniff
Age
268402
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
85925
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 20 Nov 2023 00:21:27 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Fri, 23 Dec 2022 02:54:49 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Fri, 23 Dec 2022 02:54:49 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Fri, 23 Dec 2022 02:54:49 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Fri, 23 Dec 2022 02:54:49 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2ad026871c717783703dfef98742b0c66eaa74c431a4b18015d73988a130fee1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-22T18:19:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 18 Nov 2022 18:28:57 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2ad026871c717783703dfef98742b0c66eaa74c431a4b18015d73988a130fee1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc8
date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-23T02:49:13+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 17 Nov 2022 09:34:09 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Fri, 23 Dec 2022 02:54:49 GMT
dzhl.jpg
zdorovia.com.ua/uploads/dsn/99/1c/002/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/99/1c/002/dzhl.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
98c633a4d855ceac1290eca1456d279134387f7ec0801385e530ccd9dcb5d866

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 22 Nov 2022 17:35:56 GMT
Server
nginx/1.12.1
ETag
"637d087c-7d8b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32139
Expires
Fri, 23 Dec 2022 02:54:49 GMT
uazhclm.jpg
zdorovia.com.ua/uploads/dsn/39/8b/003/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/39/8b/003/uazhclm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b795e4fc14556245392afb52171502e7ad56c0c135504cb7d22a1f4f69093f60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Mon, 21 Nov 2022 10:13:00 GMT
Server
nginx/1.12.1
ETag
"637b4f2c-4e64"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20068
Expires
Fri, 23 Dec 2022 02:54:49 GMT
otdzhlzh.jpg
zdorovia.com.ua/uploads/dsn/5e/04/001/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/5e/04/001/otdzhlzh.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0768a75f86278220d9ada6d37cce84a1e4d03ea55ee56e37d055e0dba59318a9

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 20 Nov 2022 11:41:55 GMT
Server
nginx/1.12.1
ETag
"637a1283-98a7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39079
Expires
Fri, 23 Dec 2022 02:54:49 GMT
ai-212344-aux-head-20160707_dieta_t1.jpg
zdorovia.com.ua/uploads/dsn/6d/bd/002/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/6d/bd/002/ai-212344-aux-head-20160707_dieta_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
967f424dab7736bcf334a6c64fa7274abcd3d7709338d363876a3bba9759c2bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 20 Nov 2022 00:01:56 GMT
Server
nginx/1.12.1
ETag
"63796e74-4739"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18233
Expires
Fri, 23 Dec 2022 02:54:49 GMT
aux-head-1615560236-20210312_dieta_ryba_yayca_istock_3601.jpg
zdorovia.com.ua/uploads/dsn/03/e7/003/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/e7/003/aux-head-1615560236-20210312_dieta_ryba_yayca_istock_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0726b88fd37009c618df7504905335c47114fb08eb103b8c7c44887cbf6327fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Thu, 17 Nov 2022 22:03:00 GMT
Server
nginx/1.12.1
ETag
"6376af94-9932"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39218
Expires
Fri, 23 Dec 2022 02:54:49 GMT
amvifi.jpg
zdorovia.com.ua/uploads/dsn/81/07/002/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/81/07/002/amvifi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2c33f09a0d960da54b321cdba6a1bf844d46242c0b62f08f58fc8c35b787f3b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Wed, 16 Nov 2022 11:11:53 GMT
Server
nginx/1.12.1
ETag
"6374c579-7227"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29223
Expires
Fri, 23 Dec 2022 02:54:50 GMT
pkvimia.jpg
zdorovia.com.ua/uploads/dsn/ae/d5/001/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ae/d5/001/pkvimia.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e945da9e2d2430b58f3d4d6f33a8ea49e0b1c2091f3c044d39fc46176dd08d0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Tue, 15 Nov 2022 11:34:28 GMT
Server
nginx/1.12.1
ETag
"63737944-bb37"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47927
Expires
Fri, 23 Dec 2022 02:54:50 GMT
kdcuomt.jpg
zdorovia.com.ua/uploads/dsn/22/c6/001/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/22/c6/001/kdcuomt.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
677a715d4e055c66802a66488cb28d7a0c592e76e617ee16b3fa37deab1db577

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Wed, 19 Oct 2022 13:33:56 GMT
Server
nginx/1.12.1
ETag
"634ffcc4-3a07"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14855
Expires
Fri, 23 Dec 2022 02:54:50 GMT
zhulcmaizh.jpg
zdorovia.com.ua/uploads/dsn/5f/1f/004/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/5f/1f/004/zhulcmaizh.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
7946ec35cd8c68b3a830f4e2f33b33d7a549fbf53c0588c0abbad84df24d021b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Tue, 20 Sep 2022 11:42:25 GMT
Server
nginx/1.12.1
ETag
"6329a721-4aef"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19183
Expires
Fri, 23 Dec 2022 02:54:50 GMT
ucsuic.jpg
zdorovia.com.ua/uploads/dsn/63/9d/001/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/63/9d/001/ucsuic.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 29 Aug 2022 05:56:43 GMT
Server
nginx/1.12.1
ETag
"630c551b-3fa7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16295
Expires
Fri, 23 Dec 2022 02:54:50 GMT
ulzhcis.jpg
zdorovia.com.ua/uploads/dsn/ea/cb/001/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ea/cb/001/ulzhcis.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Fri, 12 Aug 2022 13:25:59 GMT
Server
nginx/1.12.1
ETag
"62f654e7-638d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25485
Expires
Fri, 23 Dec 2022 02:54:50 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Fri, 23 Dec 2022 02:54:50 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Fri, 23 Dec 2022 02:54:50 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Fri, 23 Dec 2022 02:54:50 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Fri, 23 Dec 2022 02:54:50 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Fri, 23 Dec 2022 02:54:50 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Fri, 23 Dec 2022 02:54:50 GMT
aux-head-1615201213-20210308_zdorovie_serdca_3601.jpg
zdorovia.com.ua/uploads/dsn/ae/56/055/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ae/56/055/aux-head-1615201213-20210308_zdorovie_serdca_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5217a346bfde995972ffbca690e2517db4093be0ac357e5fb7fe7f10a6e6afda

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Fri, 16 Sep 2022 09:18:45 GMT
Server
nginx/1.12.1
ETag
"63243f75-3300"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13056
Expires
Fri, 23 Dec 2022 02:54:50 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Fri, 23 Dec 2022 02:54:50 GMT
aucmsuicas.jpg
zdorovia.com.ua/uploads/dsn/d4/be/002/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d4/be/002/aucmsuicas.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2f477d8c00062b3fca30f847fb80e86ba63e9224848c5f3dd5aed3796c586b07

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Thu, 10 Nov 2022 09:27:24 GMT
Server
nginx/1.12.1
ETag
"636cc3fc-589d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22685
Expires
Fri, 23 Dec 2022 02:54:50 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Fri, 23 Dec 2022 02:54:50 GMT
zhcaulm.jpg
zdorovia.com.ua/uploads/dsn/34/b4/001/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/34/b4/001/zhcaulm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
cfc60dd767df46642d486d217f0b5583fcc74aa75c02d397079aaec211d6d0eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 14 Nov 2022 11:51:30 GMT
Server
nginx/1.12.1
ETag
"63722bc2-52a2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21154
Expires
Fri, 23 Dec 2022 02:54:50 GMT
mua.jpg
zdorovia.com.ua/uploads/dsn/2b/0e/002/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/2b/0e/002/mua.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8e08984827880362adfc91ffa926564622b531b407f35ac60fa4bdaf650f3835

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Sun, 06 Nov 2022 19:40:27 GMT
Server
nginx/1.12.1
ETag
"63680dab-6e15"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28181
Expires
Fri, 23 Dec 2022 02:54:50 GMT
aviyach.jpg
zdorovia.com.ua/uploads/dsn/56/b2/003/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/56/b2/003/aviyach.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a6a995e2362237e8d60dd5177242713e50fee4a162496ac53fa5b6668f045df6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 24 Oct 2022 06:53:08 GMT
Server
nginx/1.12.1
ETag
"63563654-3bd8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15320
Expires
Fri, 23 Dec 2022 02:54:50 GMT
sdorl.jpg
zdorovia.com.ua/uploads/dsn/e5/53/002/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e5/53/002/sdorl.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0ae325c13e2db3f0e709853835d0871e975e41b5a089a5393b18897fcf3fa144

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Thu, 27 Oct 2022 06:13:55 GMT
Server
nginx/1.12.1
ETag
"635a21a3-a69f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42655
Expires
Fri, 23 Dec 2022 02:54:50 GMT
uamifm.jpg
zdorovia.com.ua/uploads/dsn/56/f9/002/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/56/f9/002/uamifm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
6e14d95b934678236a48b74dd960a9b4084012dd1d8d16262167def06db150ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Mon, 31 Oct 2022 08:41:57 GMT
Server
nginx/1.12.1
ETag
"635f8a55-5cc3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23747
Expires
Fri, 23 Dec 2022 02:54:50 GMT
avfi.jpg
zdorovia.com.ua/uploads/dsn/51/da/001/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/51/da/001/avfi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
bbcd1a424e97e69a4764812daf3e344781dc891f941b0f22ddb46a8b6447987c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Tue, 22 Nov 2022 19:26:32 GMT
Server
nginx/1.12.1
ETag
"637d2268-2baa"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11178
Expires
Fri, 23 Dec 2022 02:54:51 GMT
uazhlfi.jpg
zdorovia.com.ua/uploads/dsn/cb/ef/001/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/cb/ef/001/uazhlfi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f717f0ba337be92df13265158cbd189c5a8e45d256775f44b3175f87282449e9

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Tue, 22 Nov 2022 17:51:01 GMT
Server
nginx/1.12.1
ETag
"637d0c05-4232"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16946
Expires
Fri, 23 Dec 2022 02:54:51 GMT
azhuclfsizh.jpg
zdorovia.com.ua/uploads/dsn/b9/01/001/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b9/01/001/azhuclfsizh.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
970dc1781d1e759a9ca2597c7c633b83812a7bd2576eb81b03a43bc25c493d36

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Tue, 22 Nov 2022 17:16:06 GMT
Server
nginx/1.12.1
ETag
"637d03d6-6a6d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27245
Expires
Fri, 23 Dec 2022 02:54:51 GMT
ai-233553-aux-head-20161207_mandariny_t1.jpg
zdorovia.com.ua/uploads/dsn/f0/87/001/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f0/87/001/ai-233553-aux-head-20161207_mandariny_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3b426975dc79c14d36c3b55e126d204e0e43f2ab4e5a851c52e7b84ec4a80deb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Thu, 17 Nov 2022 22:10:22 GMT
Server
nginx/1.12.1
ETag
"6376b14e-156f6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87798
Expires
Fri, 23 Dec 2022 02:54:51 GMT
aumufi.jpg
zdorovia.com.ua/uploads/dsn/da/c9/001/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/da/c9/001/aumufi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
413da4c8cc5856a5db4fae0f0f3f53465c744acc7381d8e61aba775cac912bcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Sat, 12 Nov 2022 21:33:22 GMT
Server
nginx/1.12.1
ETag
"63701122-4577"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17783
Expires
Fri, 23 Dec 2022 02:54:51 GMT
pikiimiv.jpg
zdorovia.com.ua/uploads/dsn/48/ef/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/48/ef/001/pikiimiv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
6c6f1489ac1576671d857841cf65a2c136c373d99c3cb48683abaf648e68f438

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Sun, 13 Nov 2022 11:17:01 GMT
Server
nginx/1.12.1
ETag
"6370d22d-5ef6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24310
Expires
Fri, 23 Dec 2022 02:54:51 GMT
uasfuisi.jpg
zdorovia.com.ua/uploads/dsn/43/9e/001/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/43/9e/001/uasfuisi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
76de0cf400104505200cba6311ac061dfe553c0b37ece8d560c72e967989ede6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Sat, 12 Nov 2022 21:38:50 GMT
Server
nginx/1.12.1
ETag
"6370126a-9fe4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40932
Expires
Fri, 23 Dec 2022 02:54:51 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Fri, 23 Dec 2022 02:54:49 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Fri, 23 Dec 2022 02:54:49 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Fri, 23 Dec 2022 02:54:50 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Fri, 23 Dec 2022 02:54:49 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Fri, 23 Dec 2022 02:54:49 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Fri, 23 Dec 2022 02:54:49 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
76e69f59aee654bd-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Wed, 22 Nov 2023 15:20:52 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Length
672
Expires
Wed, 22 Nov 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7028ce246826b7ed6bb35f54c2cd43b0c851b84278f8b8b64b03b95190e24356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 23 Nov 2022 02:54:50 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc12
Date
Wed, 23 Nov 2022 02:54:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cached-Since
2022-11-17T09:30:55+00:00
Cache-Control
max-age=31622400
Cache
HIT
Connection
keep-alive
Expires
Sat, 18 Nov 2023 09:30:55 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
  • https://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
0617bbce3914f05b57fc72a666965510b62cabdafa8e75037dde6ffdfbe2e513

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Date
Wed, 23 Nov 2022 02:54:50 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 02:39:05 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
945
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 23 Nov 2022 04:39:05 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.14831613330983773
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:50 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 22 Nov 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:50 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.14831613330983773
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 22 Nov 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.9254530165136456&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:49 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
76e69f598f0b075f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:50 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:49 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Fri, 23 Dec 2022 02:54:49 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Fri, 23 Dec 2022 02:54:50 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Fri, 23 Dec 2022 02:54:50 GMT
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Fri, 23 Dec 2022 02:54:51 GMT
page.php
www.facebook.com/plugins/ Frame E391 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
700efefca9b33114872cf4050211d697e91f3af4ea592de3bdbdfc5ae17c655f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 23 Nov 2022 02:54:50 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
RjtCqC+2HLytHHKqLDyhZ7k2b4FucRuP0VK2AiaL0xbOjwRpk38TevJfAYxjmLvnYe94uNDdFTlOCBim1rQvwA==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n205443&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:50 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Sat, 26 Nov 2022 02:54:50 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:50 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
www-widgetapi.js
www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
5964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54014
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 01:17:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 23 Nov 2023 01:15:26 GMT
FOuKsBJTikY.css
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/ Frame E391 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/FOuKsBJTikY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14ac4ed00f600dad46a2cd434d5231d9b3037001da185063dc9f9e51b9030d11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jjuYoGQ/Y2aG+b8dhrrMnA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3711
x-fb-rlafr
0
x-fb-debug
Q4Rvb65rRSnsl3okYyJL22veMicjKS3Wp5ZQfuk/ki2/Fii0FqNFzfHIe7WyEA8+dhoN2xcv4X47rkKQamMEyg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Nov 2023 15:13:52 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1847303767&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1847303767&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767&slf_rd=1&random=2981487750
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767&slf_rd=1&random=2981487750
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:50 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1022265231.1669172090&jid=2010572012&_v=5.7.2&z=1847303767&slf_rd=1&random=2981487750
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:59:21 GMT
server
nginx
etag
W/"637605f9-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame D61F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 23 Nov 2022 02:54:51 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 0382 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=92005143690506380&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
6c63ede7b64d86ffb873b22c7e3785b1deb13a3aa9a653e47331bb2282a122d2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:50 GMT
server
nginx
analytics.js
www.google-analytics.com/ Frame 0382 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=92005143690506380&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5936
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 23 Nov 2022 03:15:54 GMT
branding
a4p.adpartner.pro/ Frame 0382 		1 KB
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=92005143690506380&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
49dc19f45e451a9eda73c012751f5b9ed20764eeb5f584f14b126c7f35b0c67d

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=92005143690506380&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame AEC0 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:50 GMT
expires
0
pragma
no-cache
server
nginx
c.html
cdn.admixer.net/scripts3/51428/ Frame 835F 		738 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:50 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:10 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:10+00:00
x-id
fr5-up-gc8
a21031c0f6a0994b3314.b.js
scripts.go2net.com.ua/scripts3/51428/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:56 GMT
server
nginx
etag
W/"6375fd70-5d41"
vary
Accept-Encoding
x-cached-since
2022-11-22T13:32:56+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 13:26:41 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.go2net.com.ua/scripts3/51428/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:47 GMT
server
nginx
etag
W/"6375fd67-12c39"
vary
Accept-Encoding
x-cached-since
2022-11-22T13:32:56+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 13:26:41 GMT
c.html
cdn.admixer.net/scripts3/51428/ Frame 7896 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:50 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:10 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:10+00:00
x-id
fr5-up-gc8
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame 3CAA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_92005143690506380&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Ff6294f0f-e729-4bdc-b28f-761c055acf36%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D676d187b190c7157f4c37b8beb6ce1b1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:50 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 2C66 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:50 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 6D85 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f6294f0f-e729-4bdc-b28f-761c055acf36%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:50 GMT
expires
0
pragma
no-cache
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3CAA 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_92005143690506380&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Ff6294f0f-e729-4bdc-b28f-761c055acf36%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D676d187b190c7157f4c37b8beb6ce1b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
498d4a8a9610f606c29f97541aa92c90bcf97d91921fa9300316140fe09c788b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
server
cafe
etag
15308440261289487942
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:50 GMT
dsp.aspx
inv-nets.admixer.net/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=2476404639050455.5&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22c6970a78-f860-3177-20db-ee3c5430b119%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22411baa6b-3ba6-945d-1c6c-82cde6fb4d82%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2225501dbf-7591-6d6c-90dc-ed800b9bdddd%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%226f8f23e9-2c4f-5090-104e-5ea7e9fac7ab%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
da7050bb017b5f4c54018984094cf4d8b66a2c68c6b98bdb5d9a30b5a39e3e8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
2494
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8681707285725841&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227537e8ba-f4bf-d5f2-3258-cb6701e4f78e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270690a87-b0be-7582-84cd-1e88c33c27ee%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22287d22df-a9c0-5c85-f7d3-0aecc2db5739%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
90efd1fdff3ea28dee1f9eefc4b5a2740f3dbc8043ca9b5d0eac7004c97f30e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
3303
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 3CAA 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9707866be52edc480c66c2ba065ba9b9863b5fa86609e3e7eeef94bd4df5bf80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119605
x-xss-protection
0
server
cafe
etag
1968227315973146227
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:51 GMT
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/51428/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:01 GMT
server
nginx
etag
W/"6375fd75-702f"
vary
Accept-Encoding
x-cached-since
2022-11-22T10:47:50+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 09:30:58 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/51428/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-a793"
vary
Accept-Encoding
x-cached-since
2022-11-22T10:47:50+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 09:30:58 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/51428/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:54 GMT
server
nginx
etag
W/"6375fd6e-326c"
vary
Accept-Encoding
x-cached-since
2022-11-22T10:47:50+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 09:30:58 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/51428/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:53 GMT
server
nginx
etag
W/"6375fd6d-2a79"
vary
Accept-Encoding
x-cached-since
2022-11-22T10:47:50+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 09:30:58 GMT
f744d5275c14e0b3b41a.b.js
scripts.go2net.com.ua/scripts3/51428/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-360b6"
vary
Accept-Encoding
x-cached-since
2022-11-22T10:47:50+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sun, 19 Nov 2023 09:30:58 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/51428/a21031c0f6a0994b3314.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://zdorovia.com.ua
date
Wed, 23 Nov 2022 02:54:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/51428/a21031c0f6a0994b3314.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://zdorovia.com.ua
date
Wed, 23 Nov 2022 02:54:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=d364e212501d4e3d804c2267b01abaeb
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd364e212501d4e3d804c2267b01abaeb
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
d539b677-202c-4396-8acb-1b722b03f8dc
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
a03edcb0-44ef-467e-841d-e1561c358fe6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd364e212501d4e3d804c2267b01abaeb
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT, Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Wed, 23 Nov 2022 02:54:51 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU0MEVBNzctQUIxOS00M0VDLUFEMjItOUE4RDQzRjNDOERF&gdpr=0&gdpr_consent={consent}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTU0MEVBNzctQUIxOS00M0VDLUFEMjItOUE4RDQzRjNDOERF&gdpr=0&gdpr_consent={consent}&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D1540EA77-AB19-43EC-AD22-9A8D4...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F
28 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
526f6793ec42dc549644b9af32188bc5e0c54186692b35572ec8a450abfde2a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_126106&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Nov 2022 02:54:51 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 71C7
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
1 KB
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8681707285725841&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227537e8ba-f4bf-d5f2-3258-cb6701e4f78e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270690a87-b0be-7582-84cd-1e88c33c27ee%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22287d22df-a9c0-5c85-f7d3-0aecc2db5739%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
3c514fa9a2ccf695321cd103d47a909f166dc769f849828a0a17c118b92e0123

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
expires
Wed, 23 Nov 2022 02:54:51 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 23 Nov 2022 02:54:51 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
/
onetag-sys.com/usync/ Frame 4849 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8681707285725841&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227537e8ba-f4bf-d5f2-3258-cb6701e4f78e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270690a87-b0be-7582-84cd-1e88c33c27ee%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22287d22df-a9c0-5c85-f7d3-0aecc2db5739%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame A136 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=8681707285725841&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227537e8ba-f4bf-d5f2-3258-cb6701e4f78e%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270690a87-b0be-7582-84cd-1e88c33c27ee%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22287d22df-a9c0-5c85-f7d3-0aecc2db5739%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
47ae74293df7fbda5e9431bd22baa78cc98fb2dbebe81c1d5b59bbe2ab7a4e3a

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1363
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:50 GMT
Server
Adtelligent
X-Robots-Tag
noindex
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync
t.adx.opera.com/ 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zq9wkTZE2uHhrv1qu1YmLe9KLMQ5jm58MDcPDTI-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zq9wkTZE2uHhrv1qu1YmLe9KLMQ5jm58MDcPDTI-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zq9wkTZE2uHhrv1qu1YmLe9KLMQ5jm58MDcPDTI-~A
date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bc75d50b-8dab-5247-a8a3-d173cbde5a08
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bc75d50b-8dab-5247-a8a3-d173cbde5a08
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bc75d50b-8dab-5247-a8a3-d173cbde5a08
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=d364e212501d4e3d804c2267b01abaeb&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=d364e212501d4e3d804c2267b01abaeb&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=bf160c69-9d66-4d7b-9c0f-dbedc0395ec2&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
//inv-nets.admixer.net/bs/cm.aspx?id=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&consent=&gdpr_pd=
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cs
cs.yellowblue.io/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd364e212501d4e3d804c2267b01abaeb
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
http://zdorovia.com.ua/
date
Wed, 23 Nov 2022 02:54:51 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
date
Wed, 23 Nov 2022 02:54:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=d364e212501d4e3d804c2267b01abaeb
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d364e212501d4e3d804c2267b01abaeb
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.200.118.76.144.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d364e212501d4e3d804c2267b01abaeb
date
Wed, 23 Nov 2022 02:54:51 GMT
server
nginx
etag
W/"c512fd6f993c942396be1a35af3c9f7a07d7ed3d533bd9f0fa97d68efe4fc995"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=d364e212501d4e3d804c2267b01abaeb&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b396dead-d407-4521-bd1c-20b0ee5894fe
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b396dead-d407-4521-bd1c-20b0ee5894fe
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b396dead-d407-4521-bd1c-20b0ee5894fe
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=d364e212501d4e3d804c2267b01abaeb
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=d364e212501d4e3d804c2267b01abaeb
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=637d8b7b05f70871e6834211&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D637d8b7b05f70871e6834211%26d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=637d8b7b05f70871e6834211&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D637d8b7b05f70871e6834211%26duid%3Dd364e212501d4e3d804c2267b01abaeb%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D637d8b7b05f70871e6834211%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D637d8b7b05f70871e6834211%252526i%25253D1588572724668968874%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D637d8b7b05f70871e6834211%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D637d8b7b05f70871e6834211%2525252526nc%252525253D2226515579124781670%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D637d8b7b05f70871e6834211%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FX78iaYfnPGSuvewK8yPYGH%2525252525253Fsign%2525252525253D190296490%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Fmc.yandex.ru%252525252525252Fwatch%252525252525252F65195605
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx/1.18.0
P3p
CP="rtb.com.ru does not have a P3P policy"
Location
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=637d8b7b05f70871e6834211&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D637d8b7b05f70871e6834211%26duid%3Dd364e212501d4e3d804c2267b01abaeb%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D637d8b7b05f70871e6834211%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D637d8b7b05f70871e6834211%252526i%25253D1588572724668968874%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D637d8b7b05f70871e6834211%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D637d8b7b05f70871e6834211%2525252526nc%252525253D2226515579124781670%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D637d8b7b05f70871e6834211%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FX78iaYfnPGSuvewK8yPYGH%2525252525253Fsign%2525252525253D190296490%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Fmc.yandex.ru%252525252525252Fwatch%252525252525252F65195605
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
1464
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23-Nov-2022 11:54:52 +0900
Content-Type
image/gif;
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dd364e212501d...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=3381dc13-6ada-11ed-b3f8-801844df0ab8
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=bc75d50b-8dab-5247-a8a3-d173cbde5a08&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=9e649be7-33c8-4031-a1f7-94900454b0f2
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=3381dc13-6ada-11ed-b3f8-801844df0ab8
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=589c8d80-bc6f-4a24-9155-6b69c32c5d85&expires=1&user_group=5&ssp=lemma&bsw_param=9e649be7-33c8-4031-a1f7-94900454b0f2
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=9e649be7-33c8-4031-a1f7-94900454b0f2
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d364e212501d4e3d804c2267b01abaeb3381dc13-6ada-11ed-b3f8-801844df0ab8
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d364e212501d4e3d804c2267b01abaeb3381dc13-6ada-11ed-b3f8-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d364e212501d4e3d804c2267b01abaeb3381dc13-6ada-11ed-b3f8-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
sync.html
s.console.adtarget.com.tr/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF2D8EBCEF664007890F3520B12A7E92&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF2D8EBCEF664007890F3520B12A7E92&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF2D8EBCEF664007890F3520B12A7E92&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJZNrvKM8DKSPia9nrMRvPTCu2Z9KJHB0nTZT0lejD2BJPoKiWR7UnGopZPgBhzO0zuANJAgUBkLIxyKaamBNdbuyTNlk0r0JUQ0pmCMNalm8zGMvKOZ46t%2FjCeR%2BcuWWYMXSVY3lLCxGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76e69f65af4a549f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydkcdl5J1aBXYKSVSxd0CfHGqbjcl%2FqvRDnN5icrQExahHlglOprGq1pIroHpmtNthJIXzFCxyi%2BcpnFqbst4RaJO2zGrdVTRFM%2Fel%2FnRiOIq5BHJnYTjYZl2jHUo5orNBzCXYOcCM8sWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
cache-control
no-cache
cf-ray
76e69f650a9535ef-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&device=28&rule=ADE861B3-EDBC-4AC5-80B5-66123FFCB502&requestId=439bbd0a-0ec2-45cc-9dae-2228a6ea58c9&hp=1048539382&page=zdorovia.com.ua%2F&segments=1%2C489%2C4&ts=638047688910440860&ap=MA%3D%3D&asign=-825694682&sync=88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&ip=217.138.196.100&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=8b3e7586-09cf-4169-86b7-7ee44a1e0b09&hp=1048539382&page=zdorovia.com.ua%2F&segments=1%2C489%2C4&ts=638047688910440860&ap=MA%3D%3D&asign=-541192059&sync=88&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&ip=217.138.196.100&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
cdb
bidder.criteo.com/ 		229 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=48384476632
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
0b4f1f20b8a1f326257348655b77d49c76385941f5df5d393dfa73c3f07fd74f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
201
cdb
bidder.criteo.com/ 		229 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=45301306106
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9cfaeaebc3d35cd957192c74bad8805c3cc4d2600778b02ef6e3da9f200396dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
201
cdb
bidder.criteo.com/ 		229 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=40621664132
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
eb6d0bc02b71c902df98ebbffeafa724d0a9b46a1eeb7010e41b1cfb1fe8da1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
201
ptag
a.audrte.com/ Frame 71C7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4c87115834c3f04ac6e40927af4b0bcf6b839058344964a2eba9c787360ebc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 71C7 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:51 GMT
um
u-ams03.e-planning.net/ Frame 71C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db2fa57c77b829b93%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 02:54:51 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
87fef848-ca3a-4208-9a56-15217c020806
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 71C7 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:51 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 3CAA 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3CAA 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D677 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2310543992&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091077&bpp=14&bdt=197&idt=284&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517354019158&frm=22&ife=1&pv=2&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.jjdeic54bucn&fsb=1&xpc=AW8QE0jNoR&p=https%3A//file.adpartner.pro&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:51 GMT
expires
Wed, 23 Nov 2022 02:54:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 0085
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 02:54:51 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 5020 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
449e00a086e977f77dc2e22c38e725d5
x-cf-tsc
1668083227
x-cf1
29080:fC.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame B535 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40331291b51a5ec7e43b6e6c15f61d98fa0e79d2d3171be8c98ed13e0327111f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
76e69f63b993730e-LHR
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
server
cloudflare
vary
Origin
via
1.1 google
ads
googleads.g.doubleclick.net/pagead/ Frame 63E7 		80 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1189596b1e09f2494d07d567cb64761d51be0198a118cc4e951563f87585f345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30750
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:51 GMT
expires
Wed, 23 Nov 2022 02:54:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 6681 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-22T18:19:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 18 Nov 2022 18:28:57 GMT
media
a4p.adpartner.pro/ Frame 01CC
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
82f3fa7c45c7a92732a70cd7185c1a439b0cf6c61119a1323bacb651b1d35301

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3C9F 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4954ce6c864a98f07a4644ca74ae36f7c5e4afe7cf56526cb03fb589df7a082a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49175
x-xss-protection
0
server
cafe
etag
14571862032919643952
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9CD1 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
550c9751b35c73d20d0182c4d815d8353c2eb4871b31f4229ba40b0f1874c660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49168
x-xss-protection
0
server
cafe
etag
6306121782290928186
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:51 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=f935d309-79a3-42b6-ab7b-a23bdcfacee9&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&inst=ADS-EU-6&ts=638047688910440860&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=b628c5af-9f2f-4417-b2ea-381aaa5db9aa&hp=1048539382&page=zdorovia.com.ua%2F&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&inst=ADS-EU-6&ts=638047688911409197&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=439bbd0a-0ec2-45cc-9dae-2228a6ea58c9&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&inst=ADS-EU-6&ts=638047688910440860&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=8b3e7586-09cf-4169-86b7-7ee44a1e0b09&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&inst=ADS-EU-6&ts=638047688910440860&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&segments=4%2C1%2C489&ts=638047688911409197&ap=MA%3D%3D&asign=-1272849674&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&ip=217.138.196.100&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&segments=1%2C489%2C4&ts=638047688911409197&ap=MA%3D%3D&asign=-1272849674&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&ip=217.138.196.100&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 23 Nov 2022 02:54:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&segments=1%2C489%2C4&ts=638047688911409197&ap=MA%3D%3D&asign=-1272849674&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&ip=217.138.196.100&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
getuid
ib.adnxs.com/ Frame B535 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame B535 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=aa0c1ee7-0a31-45de-aed6-81240d8b4d73&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=aa0c1ee7-0a31-45de-aed6-81240d8b4d73&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f65eb0d730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=aa0c1ee7-0a31-45de-aed6-81240d8b4d73&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame B535 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame B535 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab6c8-fec4-4a23-5437-6d3421c0e7d2%26reqId%3De6dcd8ce-093b-46e1-4464-c6c2a433e59a%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame B535 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1669172092.614096,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4245-LON
u
dmp.v.fwmrm.net/ad/ Frame B535 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:128:1::48 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f652a70730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
date
Wed, 23 Nov 2022 02:54:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=dab3b1b2-2ac2-42a9-a26e-a62a2a3e5af4&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dab3b1b2-2ac2-42a9-a26e-a62a2a3e5af4&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f66dbd2730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=dab3b1b2-2ac2-42a9-a26e-a62a2a3e5af4&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=69322004840513710122150382449058956049&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=69322004840513710122150382449058956049&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f65fb1c730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qZ0XU838QEw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=69322004840513710122150382449058956049&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame B535 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7169039542254237838&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7169039542254237838&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f655aa6730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7169039542254237838&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame B535
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 23 Nov 2022 02:54:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=B1jQj/7QPowGdWhsIKT5/e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=B1jQj/7QPowGdWhsIKT5/e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f671bf9730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
last-modified
Wed, 23 Nov 2022 02:54:51 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=B1jQj/7QPowGdWhsIKT5/e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f691d43730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame B535 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.188
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-Xvo5ZE5E2opGmVCzm4yULYb8eQhL4NvtWA--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-Xvo5ZE5E2opGmVCzm4yULYb8eQhL4NvtWA--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f67dc77730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-Xvo5ZE5E2opGmVCzm4yULYb8eQhL4NvtWA--~A&zpartnerid=570&env=mWeb
date
Wed, 23 Nov 2022 02:54:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=In0q0dN0j7amaDMYkbziUhGD46KFgE7%2F%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=In0q0dN0j7amaDMYkbziUhGD46KFgE7%2F%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f672c04730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=In0q0dN0j7amaDMYkbziUhGD46KFgE7%2F%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame B535 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame B535 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.209.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-209-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n021-dub-prod.krxd.net
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1669172091
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame B535 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Wed, 23 Nov 2022 02:54:51 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y32LfAAKFdI0aAA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y32LfAAKFdI0aAA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&_test=Y32LfAAKFdI0aAA7
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f687ce1730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-lcy-eglc8600046-LCY
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669172092.137971,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y32LfAAKFdI0aAA7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&_test=Y32LfAAKFdI0aAA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-09...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.36f07513-a644-4c26-9504-9de2f35fbe24&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.36f07513-a644-4c26-9504-9de2f35fbe24&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f67ec7b730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.36f07513-a644-4c26-9504-9de2f35fbe24&zdid=1361
cache-control
must-revalidate, no-store, no-cache
content-length
0
x-amz-cf-id
t7iU1K8htE2R1lVu_VnEZRaBAD5A2GqsPIcCIRrqJSJ6rfdfaz2Irg==
expires
-1
usermatch.gif
beacon.krxd.net/ Frame B535
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PNxge8NR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.229.209.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-209-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1669172092
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f6a3dec730e-LHR
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame B535
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-543...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-543...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YA5HKDPDY4ZTNCP74576
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WK9PASEVQMXZH19936J2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame B535 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f684cc7730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
date
Wed, 23 Nov 2022 02:54:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame B535 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame B535
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=9e649be7-33c8-4031-a1f7-94900454b0f2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec...
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=9e649be7-33c8-4031-a1f7-94900454b0f2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f64aa1c730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=9e649be7-33c8-4031-a1f7-94900454b0f2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame B535 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f677c38730e-LHR
access-control-allow-headers
*
content-length
95
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 787D 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcc460bac24020747a63b7621ab7b0e94965116029aed92c2f6c6f72c9078349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
51698
X-XSS-Protection
0
Server
cafe
ETag
13779886968609055589
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 23 Nov 2022 02:54:52 GMT
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&segments=4%2C1%2C489&ts=638047688911409197&ap=MA%3D%3D&asign=-1272849674&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=M247+Europe+SRL&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&ip=217.138.196.100&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&inst=ADS-EU-6&ts=638047688911409197&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 3C9F 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e413796b28aee3bc574491511981adaeaa6a9eb15b2281d0a8f3b4fc01350d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119612
x-xss-protection
0
server
cafe
etag
6508222260637698354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 3064 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
51261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 12:40:30 GMT
etag
10353107486223812946
expires
Tue, 06 Dec 2022 12:40:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/51428/ Frame E2F7 		738 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:10 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:10+00:00
x-id
fr5-up-gc8
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2ad026871c717783703dfef98742b0c66eaa74c431a4b18015d73988a130fee1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-22T18:19:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Fri, 18 Nov 2022 18:28:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 9CD1 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119606
x-xss-protection
0
server
cafe
etag
3260633503096173675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:51 GMT
/
onetag-sys.com/usync/ Frame A800 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame D981 		1 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
c8aaca53e33884fc56290823e191ce81c25c4fff391fc98d023105b5ecdacfe7

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
expires
Wed, 23 Nov 2022 02:54:51 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
d
ic.tynt.com/r/ Frame 6DFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame E939 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7488095254184c79f6f35f2f57dc737d1fb49871bc37b05955f7d9b8aa36fec6

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
800
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
csync.loopme.me/ Frame EB1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C279 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41970
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
s.adtelligent.com/ Frame 6DA8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f11a61f03ad744fcf390f6ce8e6963a91574b4fea728283b343a6f8c70a2dffa

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
854
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pixel
ap.lijit.com/ Frame A136 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:51 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame A136 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
usmsuk6u1dlv4ih3ifv8alhjefd5k54e
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b396dead-d407-4521-bd1c-20b0ee5894fe
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b396dead-d407-4521-bd1c-20b0ee5894fe
date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3740268398524048266
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3740268398524048266
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
f9e6ad31-c2e9-4630-8c05-be21306aa46e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
access-control-allow-origin
*
date
Wed, 23 Nov 2022 02:54:51 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
f8cd3661-5558-43d5-a8ee-99c62e9ef3fa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A136
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1669172091814
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655457274
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655457274
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
RXbf471198dec9463f89a0347329157e9e003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2655457274
cache-control
no-store, no-cache, must-revalidate
expires
0
csync
sync.adtelligent.com/ Frame A136
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4169434862177101.5&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22ec7fc08b-19a8-6946-195d-61d97cf2b8f8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255c0c460-3eea-aa2f-452a-965c595cbc45%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
66af72ac1444896ce2702d7c4234d363c53a7194b53de5e762a202ae900bb038
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
2070
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame 0085 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 20:06:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61937
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 20:07:08 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 3C9F 		397 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0026543d44ddf1980bebbafaef0fe9e3af71abd168ac6307647f2677d805678d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 3C9F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3C9F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ADBF 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78402b5c67996f9578809ef785810366f4da8c213b7bde00fc305a6ba68d416f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12940
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3C9F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd6940b01e8f16e98a67c6bee5e18114ea82e5405718d3d74ebec84551afcb12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10992
x-xss-protection
0
ptag
a.audrte.com/ Frame D981 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4c87115834c3f04ac6e40927af4b0bcf6b839058344964a2eba9c787360ebc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame D981 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:51 GMT
um
u-ams03.e-planning.net/ Frame D981
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db2fa57c77b829b93%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 02:54:52 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:51 GMT
AN-X-Request-Uuid
b9187e72-c7cd-4ca1-a413-3340105efead
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=b2fa57c77b829b93&uid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame D981 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:51 GMT
usync.html
eus.rubiconproject.com/ Frame 6F06
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 02:54:51 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D84D 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
61e5b990aabe547392ca731089b3922b
x-cf-tsc
1668083227
x-cf1
29080:fC.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame 4E68 		552 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c00acd1fc5308370f9b4774559fabfa6a6ab8cbb20977775b9c8ef82a2d87f3

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
76e69f660b26730e-LHR
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:51 GMT
server
cloudflare
vary
Origin
via
1.1 google
/
onetag-sys.com/usync/ Frame 5E78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C241 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41970
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:51 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.php
pixel.rubiconproject.com/exchange/ Frame 6DA8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame 6DA8 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
43
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 0085 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie.js
partner.googleadservices.com/gampad/ Frame 9CD1 		397 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77305f658ab5c2aa938f50f54169181315668de2fb1494698573db1c7e30caca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 9CD1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9CD1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AAFE 		139 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20bef4dcdad4a8b5b396910455695581c6abaa15d2a57c6fc0fe8c003621a33d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHl7symw_sCFZWFgwcdIXMBoQ&gqi=e4t9Y6vpN_C79u8P4_mq8A4&layout=/sadbundle/%24csp%253Der3%24/871407110805838366/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46359
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHl7symw_sCFZWFgwcdIXMBoQ&gqi=e4t9Y6vpN_C79u8P4_mq8A4&layout=/sadbundle/%24csp%253Der3%24/871407110805838366/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9CD1 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8c4b37f1b71adfb6ac9540af3d5e8a896b78e182de8533ec375fbb121769729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11175
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 63E7 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
58406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 63E7 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
58406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 63E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 63E7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
l
www.google.com/ads/measurement/ Frame 63E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQN_lpSvZ064wKchy8X_OqKgWaHbNcONA8cF9iuqAfO1gdV1o2r55qBj5FqOsNKHXV6nWNeA43wkRil2xO7y0KtZnzJGA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63E7 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 63E7 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 11:55:15 GMT
c.html
cdn.admixer.net/scripts3/51428/ Frame 5E89 		738 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:10 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:10+00:00
x-id
fr5-up-gc8
mw
mwzeom.zeotap.com/ Frame 4E68
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=f1791c92-fe18-4844-6685-fae335a700bc&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=f1791c92-fe18-4844-6685-fae335a700bc&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f684cc5730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=f1791c92-fe18-4844-6685-fae335a700bc&zdid=1361
date
Wed, 23 Nov 2022 02:54:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 4E68 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=f1791c92-fe18-4844-6685-fae335a700bc&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f66dbd1730e-LHR
access-control-allow-headers
*
content-length
95
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 71C7 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:00:22 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28471
x-amz-server-side-encryption
AES256
etag
W/"b3509b007a9d747642c6a762ce4aed79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
FTF4dI9m6yTaOn0X9wwPZiHjLZ3d1Mh4ZGUPiy77g98CA_8EgSE0qA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BE63 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"601b131c-27c"
expires
Mon, 22 Nov 2027 02:54:52 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 1D0D 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Db2fa57c77b829b93%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BAHWKih
x-77-nzt-ray
908339306af5b9947c8b7d6310ea8500
x-77-pop
frankfurtDE
x-accel-expires
@1670208892
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame BD80 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADAxld9Q1WPJ3fmG
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:52 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame 6F06 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 20:06:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61936
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 20:07:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3C9F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C279 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21961906&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1633363f53f8462023366ad43d16ea13269168a1d8622eba216e287527f45bee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9CD1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
csync
sync.console.adtarget.com.tr/ Frame B2F4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=wTexWmdAG4YFBWa8Ajjx&pi=admatic
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=wTexWmdAG4YFBWa8Ajjx&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
f88ebb0c6ebd2ec3
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 23 Nov 2022 02:54:52 GMT Wed, 23 Nov 2022 02:54:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=wTexWmdAG4YFBWa8Ajjx&pi=admatic
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame 4E7A 		0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
f88ebb0c6ebd2ec3
Server
Adtelligent
csync
sync.console.adtarget.com.tr/ Frame 6958 		0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
f88ebb0c6ebd2ec3
Server
Adtelligent
csync
sync.console.adtarget.com.tr/ Frame 3A03
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8510913750865436768
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8510913750865436768
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
f88ebb0c6ebd2ec3
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 23 Nov 2022 02:54:52 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=8510913750865436768
server
nginx
csync
sync.adtelligent.com/ Frame E939
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
Etag
f88ebb0c6ebd2ec3
Content-Length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame D981 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:00:22 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28471
x-amz-server-side-encryption
AES256
etag
W/"b3509b007a9d747642c6a762ce4aed79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
f0TRhRAAQa05hGK9ur9OGztKlqEHlRT-ujq93t1ABUvzJojhDhzuHQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 3926 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"601b131c-27c"
expires
Mon, 22 Nov 2027 02:54:52 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 5B93 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Db2fa57c77b829b93%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BCynOjB
x-77-nzt-ray
908339306af5b9947c8b7d63bb78b207
x-77-pop
frankfurtDE
x-accel-expires
@1670208892
x-cache
MISS
csync
sync.adtelligent.com/ Frame 9575 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADAxld9Q1WPJ3fmG
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
GS.d
js.cookieless-data.com/ Frame BE63 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669172092107
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
media.min.js
a4p.adpartner.pro/apstc/ Frame 01CC 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:59:21 GMT
server
nginx
etag
W/"637605f9-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 42F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 23 Nov 2022 02:54:53 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 3BE4 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
768a5e633568495ef3dadd6942b13471de2d77b42362d0d249b2f0b77f88026f

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:52 GMT
server
nginx
khaos.jpg
token.rubiconproject.com/ Frame 6F06 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 6282 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cs
cs.yellowblue.io/ Frame 0E56
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:36e6637d-8b7c-4200-b477-a05274394952&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Wed, 23 Nov 2022 02:54:52 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:52 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.yellowblue.io/ Frame 1F55
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7141305549775566278
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Wed, 23 Nov 2022 02:54:52 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:52 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=d364e212501d4e3d804c2267b01abaeb
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame EBEB 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:51 GMT
expires
Wed, 23 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
440570
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5BA6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WWE62G6K9MQMGBR0KC1V

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 23 Nov 2022 02:54:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JS8YG5P4ACN06RQXJJJH
Pug
simage2.pubmatic.com/AdServer/ Frame 88B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3740268398524048266&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3740268398524048266&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
6fea2643-1e3e-416e-bb77-d326782cdf40
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 02:54:52 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3740268398524048266&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6BE4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/1540EA77-AB19-43EC-AD22-9A8D43F3C8DE?gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1540EA77-AB19-43EC-AD22-9A8D43F3C8DE?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2c64:3412:9e4:7e3a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:52 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
126
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:51 GMT
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1540EA77-AB19-43EC-AD22-9A8D43F3C8DE?gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csync
sync.adtelligent.com/ Frame 1843 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:51 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C279
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41969
accept-ranges
bytes
content-length
5549
expires
Wed, 23 Nov 2022 14:34:21 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C279
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9cce637d-8b7c-4800-ae67-3b9c2047dcda
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9cce637d-8b7c-4800-ae67-3b9c2047dcda
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
MT3 169 32252b7 master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9cce637d-8b7c-4800-ae67-3b9c2047dcda
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 23 Nov 2022 02:54:51 GMT
/
spl.zeotap.com/ Frame C279
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=01a4233b05c4fe2e1b237b7eab4f6afa&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=d3ac1de4f69aa85b
95 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=d3ac1de4f69aa85b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
76e69f6f1937730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=d3ac1de4f69aa85b
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame C279
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFdZnj6DEk_DXw2CJZHfttM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uTkJ1TtE2uVfGsOPt8yrIPNJvntLNXc-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uTkJ1TtE2uVfGsOPt8yrIPNJvntLNXc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uTkJ1TtE2uVfGsOPt8yrIPNJvntLNXc-~A&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 02:54:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pubmatic
um.simpli.fi/ Frame C279 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 22 Nov 2022 02:54:52 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame C279
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8510913750865436768
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 02:54:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame C279 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
media
a4p.adpartner.pro/ Frame 7C46
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
82f3fa7c45c7a92732a70cd7185c1a439b0cf6c61119a1323bacb651b1d35301

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT, Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/ 		43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
82688aca-4d73-4170-acde-1dd5ffa53063
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=d364e212501d4e3d804c2267b01abaeb&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync
t.adx.opera.com/ 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pic.gif
pa.tns-ua.com/bug/ 		56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 9408 		1 KB
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4169434862177101.5&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22ec7fc08b-19a8-6946-195d-61d97cf2b8f8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255c0c460-3eea-aa2f-452a-965c595cbc45%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
4c25be0fe1ccdf4a63cae780de73a5c876aff58bc779fb6b5cd97f777318d2b0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
Wed, 23 Nov 2022 02:54:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
/
onetag-sys.com/usync/ Frame 1C34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4169434862177101.5&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22ec7fc08b-19a8-6946-195d-61d97cf2b8f8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255c0c460-3eea-aa2f-452a-965c595cbc45%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame D786 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4169434862177101.5&cpv=8f19ecb3-5368-39c6-50e3-a71978a364f6&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22ec7fc08b-19a8-6946-195d-61d97cf2b8f8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255c0c460-3eea-aa2f-452a-965c595cbc45%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
468ea5692c104ef27d3ee52b0816083447e4d34acf2b272039a0f5d8809fbc80

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1325
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
X-Robots-Tag
noindex
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=c454c14f-5071-4d14-9752-6f0395902285&hp=1048539382&page=zdorovia.com.ua%2F&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&inst=ADS-EU-6&ts=638047688920583351&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync.html
s.console.adtarget.com.tr/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd364e212501d4e3d804c2267b01abaeb
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=0
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=9e649be7-33c8-4031-a1f7-94900454b0f2
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=9e649be7-33c8-4031-a1f7-94900454b0f2
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=339cf93d-b6a4-48d7-b9b9-ae93c2e389eb&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9e649be7-33c8-4031-a1f7-94900454b0f2&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 300C 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c81fbf2b06f6326c32e87ba241cfe1896ba100116a79c3d0727bd981dbb13597
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NoQhTDtRnySooHpoLZiYjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-NoQhTDtRnySooHpoLZiYjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
Wed, 23 Nov 2022 02:54:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GS.d
js.cookieless-data.com/ Frame 3926 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669172092231
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D77LOCXlBAYEAA5e3qohg1prCpCpFahMvMJFh6iyvlOIrSwusV4v0RpnKMRNPpCSDuif04bNymPCtinQD65FqQhziJTG5xkzt2TLKqykCLSJ1CCow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame ADBF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=27853577&plc=337476919&sid=6688358&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gc7_5FgGhEXZyKZA4jGmGO&c1=4845432&auorder=1008774246&aucmp=18133645195&aucrtv=426657690&auxch=1&pltfrm=1&ausite=52321546355&turl=http://zdorovia.com.ua/&aubndl=&dvregion=0&unit=728x90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame ADBF 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
79a78139d71522672ff7ac53d27d942533511ed7eb7a83dc08a6e33d4b7dc6b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 11:10:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0509c463fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ADBF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ADBF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
l
www.google.com/ads/measurement/ Frame ADBF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCkPNgzC49bzdXS45sQeKfkW2JxvszK7RxzX5sMiDVaQA98u5BDDsGiy6oFuBgCzsGGmbt9Q8DDumH_UENxVEhgxPmFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADBF 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame 787D 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a10cb2ee7fa86e617b49c012524c9a3fbefc08818fa6dff0062cc6a99278311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119225
x-xss-protection
0
server
cafe
etag
10706163601467900798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C1E1 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame ADBF 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsmV4wIWU_kQsnQdzQcR9dPm-r6bOF99MqeZ3NOb-BvWj5qgOQw0_RZ4Gi1cmu-JO6hwi8yY7Ps9E2ELAu7bL33tBGAaAsVGBnUG8M6PZMfUfuBli_YaOpPQWsG2TTtr60VK9q4wVSHd_FMohh29YvNdAPww_ELBvth0y69h-jNuPxPgA&cry=1&dbm_d=AKAmf-CrsjmOtvU8e5xKKrKyF4n5h-R-m4v5jTbxqkq02Fk8v4JCn-6HHNFmWrU6Iwt55j0Utg3rVgAaThSlO6AXHxY7CPO3LWlaTV7m3xG59QNuYJu1AF1ivwrI8tIPE8d7nkg0vhLccmgCNC3yGJj0R5-Hkjb5Ts7SLdTy3KWjVV52_30kKS8JAikDklNWKAF_TIY_LNeiDZIiZGU1WBKDcZqROlwaId1uATTmnYuBZDNLuPIP1LhQIbU1C6IU_Ap2Ya9jZOiVRFhhdQvPGIsM15o_HSo9aY4EmTGttiKytS5tsXRmn8wutG8XTyKHW8q1608yHKMJRpnqEIMgjs7lmwQ3E8mAcJF-ghRiO1WjYMy57ajTTHXwoOv7bPZ3jJNqt1SdNbTUJlNvCVhw2HQi4bDxM8WwCMvPSZq_I2n9g_a7uLEiq4-dc2cGyONnEdKUIQZMLtfTuak0sK_CGIEhV-o-25zU_U0FvQHEQd0baWzdWcodK8ku_avsfUqohS-TXrQ6Djkb4GhwPvPrh4NICeQet7mZZ70pKyiad-gydYRAM15QERYuaAt_P25xGDdkElVyVgZanOHxUort6CVsQZKmA9JYalB2VIGtiH4QDfWbtjlQfayQRfLAYbejfLDYZG3Ix83Zr9tdfAq23ln71x4x9OZJ5dp5kbHedQDtkkWOTnoSIrVYFh3b4ptgh2MwQg2h0oY4WUK0mJK0_0oS1Jdwj9uVI45UylFUsSS9HmkhxNzOhv0bNrhL-i_CsZjlPUbcWmfZdvnonA-BEcMpssicA5BIXnJLdcA-qWXaKB5oGZZdQNFjnELira1dyUHmfEjLp_UrDILKyIGrHa-rGvcCvY1Gi-CnM2fQ4ssWVbWrN2IuPvZtmcQ8w-J888h54sI2MkoOkQlssH_3i3bNEtT2hBGr9bEKokby0vG02V9JQ84BdDdwUuInwFzBeirmcQm2HuR1_FBjsMCjGqHbInc0QCS9exzh-_KzMH7kOzTyKTmeyxeG0C7bnjSA1V7gSLlG0uRkx3-XPSw6k5FaDuVG2BCdd2eWEqgY79lyapT8W6_8-9KY3QMJudWMjkEJ4Woyt0800mN-lOBk8NqBUKX4XCer1-3ERuLdtOgApgSStUClrLnr2cdHyB1p4L1xMSSk4mDSm4X1Vr8g9D1-D4VT59jf65Hpsk_yyMM0xjMfuxTLQ780Ng8vQnCQUmEJBRFhSYWRYWyOpy85KXGX0gRbEGUtfxmjJDk_PWXifnHf2YORNcM705sK448_xuAGy15--bJ68juUmtqgDRh1297HsmAE52bWYt5Eoc72JAA9f8t0eojapmY2PIQ-eP0SY97iHQi114TSDSrVdtPEdibPBfohJS_NhqB5n6I51S-P6PJ-sFQACvH4LKM1_falCmy3TeNWnSQq2SQXPUbGbpn2JctSq72TIkDoEb2F1N7UNJhUqrNqp-NbwerIfbm9Yy4uxmPgVkcPmsreyoWM8e0gAs7afoPn1ajcw-hUpHSVsHkU-rIpAfOmDehYqmQZNFLkJsVi2vLCnCefwdIOIkKLl3flPhOyhXuYojKmH8Pj7N0W34jREDqK7v1JsBR-4gtw45yXXYWsWA-uLZWonZ7FSa4Pjl-iqOVSw6xNkjJz2hLAvmn2TbtrxaunexvhKWdqElxlSPhjdO870mf4ISXt59hV7Kx7D52d_b7AZcvQfZWebjhPG7hOGR9lPJ6eaoC92qKrmg9MY29zrdUt_qPlVv7_ImIJsyssgkWIMwPgJsEgfMSkUDaZtQELtBtCBU_Svjp-_ZghsvonXGPPM2Jwjlv4hh-5922YvAIIwRaGAlQZjCkzNf94sXI0lm815iHoxEbnQTKUwSIultMwrScXpR3C2nwGg7vcI6DZTP5EabAmzphFiammlILm1YoWnoP24osKD4hB_0oNc7ngpIgpOi8tJu43CwAzAvzlh4e7Yi9JcKxD9zLhh_uQHS77epcO2NjmEeQ2bsQeYGIO1XbcKHm_SaQAtnvBXd812lJ5Ld_1cNWzRIzAWcKufvBQ3XXYMIEVv9ci1aG994n3Rssw9W5NcvOeMtdYF7TBcxgWboplJ0eNPUAZp4Xi6AScO5UlZQIl4mIqr7O3qP4X3JChpV0pmxG8ovNUMJkPkzb0DXHAfTsZwNrXYoIObCaimbcmsMStrURYmJtVwUuFswF1ivRvchIJeNaXNBIQ8DD-shDwD88BYmuOYyGeq7A7otSxlsz_71bKEpJNAV-LkYddcbtWmyCsB2hCsOeboekEyZ98qHLHr7prGJU4xBmSXz7lVHPxlh4ioObU8FCLPpDon5zOHt_9SoGeyZjoipn6Des9KyyK_D1m3yNe1zSYSZylh5oW9T7-6va-P3jCWVDLq8ib1WoDh92CIchYNojdtHUfZpWHuBGHevGx5pzruUCd2Cs7G12-g2aqRZHL3gQaVHI5n1wp9ykXRa63fKj8pci4xEtEg-ZVDl79lghkRS9C4nZbYY5UVui_BNjZN--So8G80WTHvhkKXod3tcZ-z0GvyWGuN81Utj-ObjiMc_jAfn4jxOBADp1AeVIWzJVXjGjuqkabFsENVVan7h7cy0VrcBPN5s6PnmNCrJqj43bL35gPxVDRn14bABN_n4obxQrJiB1hX5EoMXXrb7wODL_7NAXLGX__P-PvbiIczoMCpU6ROoaks9NUBDHEM0YOCyF0p-XgLe3mcisQc2cGZquwKoX9H8AsZaZcQ-Xf__zIfwlLq-BxiO-5bdoiA6Hb608vyhqwsiDU-D9h_25_i73ICC8&cid=CAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgEw&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f0eb6f25c2c4efbe507a5ca728d9e786fdf949694d77ff288f2eacfa5284c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11250
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptag
a.audrte.com/ Frame 9408 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4c87115834c3f04ac6e40927af4b0bcf6b839058344964a2eba9c787360ebc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 9408 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:52 GMT
um
u-ams03.e-planning.net/ Frame 9408
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7a666ecd51ae352c%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 02:54:52 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
dd6cc18e-e802-4880-8840-fda18d30acd1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 9408 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:52 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6F06 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
media
a4p.adpartner.pro/ Frame 3BE4 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
f9cfea25d2790d45520c5c94c8bd182da470a1fc903009f539d996a6ec324ae8

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=2&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 0C1C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 02:54:52 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3AAC 		1 KB
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
7d77b6aff29b580fe61da35eb48b5573
x-cf-tsc
1668083227
x-cf1
29080:fC.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame 45F5 		552 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f5cc8d5212bbee762ef1891eb721aaff6c67aef7137a802f4f4d86555b82c5

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
76e69f6a5e01730e-LHR
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
server
cloudflare
vary
Origin
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame C257 		1 KB
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d9ffbda85f08bf40579c3ac519a6267284db79f2796e541fcdf9fd85221cc0ea

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
654
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
csync.loopme.me/ Frame E926 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
server
_
sync.html
s.adtelligent.com/ Frame B3D5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
856
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:51 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame EE8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 7CDE 		1 KB
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
60c2457717b7a343e504f867029e4ef086ca66e324eda44dd72fe5ee89f9ebb7

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
Wed, 23 Nov 2022 02:54:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1742 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41969
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame D786
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7709510073
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7709510073
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
RXbf471198dec9463f89a0347329157e9e003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7709510073
cache-control
no-store, no-cache, must-revalidate
expires
0
d
ic.tynt.com/r/ Frame 15D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame D786
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=8e0db42b-48a4-4297-b1d5-34643276e1d1
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
mcdghlmj8i4j3fda2vmo7m4ane52eubc
pixel
ap.lijit.com/ Frame D786 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame D786
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
0a78ee48-83e5-4aa0-905a-c988e418739d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame D786
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=88369634-aa65-40f3-8724-867f5258950b
access-control-allow-origin
*
date
Wed, 23 Nov 2022 02:54:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
vid.vidoomy.com/ Frame D786 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame D786
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d364e212501d4e3d804c2267b01abaeb
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=439bbd0a-0ec2-45cc-9dae-2228a6ea58c9&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&inst=ADS-EU-6&ts=638047688910440860&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=8b3e7586-09cf-4169-86b7-7ee44a1e0b09&hp=1048539382&page=zdorovia.com.ua%2F&pvid=099ca7e9-8eee-43fc-8e48-e67e2db2a058&inst=ADS-EU-6&ts=638047688910440860&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
rum
dsum-sec.casalemedia.com/ Frame C1E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C1E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y32Lexf10MiJyhZhOhh3aAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENKMcH2Y998-u6lVJqzcygg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C1E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH2L7AIweyL3OmQvt4UNkKA&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEH2L7AIweyL3OmQvt4UNkKA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
1df87e50-4999-4bcf-abf0-52968a3bda3c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEH2L7AIweyL3OmQvt4UNkKA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MDI2ODM5ODUyNDA0ODI2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MDI2ODM5ODUyNDA0ODI2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIYmo-5ywEwAQ&v=APEucNXVJR96VV_0DMpdMZJA1SYmw1wCMLTNPTOIt5KHQ8ySRhCc1XnyWM9Pn9XDuXROobDGOoOe8O6YxfdOn4-HL_myt52oAJBk7kecbw4ViTd3DNSILuWbLWr77Sys_Xd4RYnMinihfNyWsGHax0l1PCbWDuw0-lpF9wiVBqWkekHwo4UCHbU
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
21a78786-c080-4fcc-b4c0-52a4c1fdcfd4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MDI2ODM5ODUyNDA0ODI2Ng%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 513A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 167A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c50ba511be87bc42f2ae747b074bb99131a090377b74d7902af06b8f55bbeb9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kL6N0Yze5S9tthp9NpZEJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-kL6N0Yze5S9tthp9NpZEJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:52 GMT
expires
Wed, 23 Nov 2022 02:54:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ Frame F2E6 		85 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57f8071d567a6a442c542d105766d3afb6f57214807c19d8a9aec5586b88a2b8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
16924
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 00:32:09 GMT
expires
Thu, 23 Nov 2023 00:32:09 GMT
last-modified
Wed, 17 Jan 2018 10:47:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0672 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cv3nGe4t9Y4G8OJWLjuwPoeaFiAqblqHNaYjqm9zwBtzLqPzoChABIKzk9ghgu4aAgNAKoAGF2YbSA8gBCakCp9rtKcPxsz6oAwHIA0iqBMwBT9BL0cPQnt-pF7KNAbRBNrk0sBt1FcVY5UT3e0EHA6hgCrcbJ1PN4HplJufHiYkR_60_bNb6-n81txg42gmaevdHHz_rrxRPiTJbLe9iokEMttn_euzvjId6DEZ0jN0ZXE8MAPTAxK5O8fvqwsvAQrCwb69KJgVTfB7DX8R9thZPCXRXvxPxSx4m_J7zJZQuiSINEDam64fIi-NjxeHgSSNz-QYKLOu5DB7oxTWEu1KOMEtsKSlNTvhD56Pb8peM211i8enDcgy1i302wASVyuudoQGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH46b5LagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEITEDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTQ1NzcyNTQ0MzU1OTcxMDQYAA&sigh=PZrsLv361FU&uach_m=[UACH]&cid=CAQSKQDq26N9sfDzHRxk7XfVC-8GpQjZxAJcmjd8sS0FncdEAG7LQUTZorctGAEgEw&template_id=419
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 23 Nov 2022 02:54:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0672 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
58406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0672 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0672 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
l
www.google.com/ads/measurement/ Frame 0672 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiqqYV2klPKtCnj4don_0uksa9R0KMJLLh-3xC4kRPxcy5E6gtfFAvoCriDagfShfGs5q1SqSycRk041L2AwVgrY6XQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0672 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=d364e212501d4e3d804c2267b01abaeb&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=5045f127-d73d-4249-83f8-3bf4845ad160&hp=1048539382&page=zdorovia.com.ua%2F&pvid=079e1eff-d776-4bad-bb1a-14d1b9f95baf&inst=ADS-EU-6&ts=638047688911409197&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3CAA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4da97fe7ca853891147c5eb703ae1c9b27f97ae26e6f8f1ec4d1030546d990e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11060
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame 3CAA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_92005143690506380&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Ff6294f0f-e729-4bdc-b28f-761c055acf36%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D676d187b190c7157f4c37b8beb6ce1b1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
mw
mwzeom.zeotap.com/ Frame 45F5
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=c227a723-c118-4609-412d-965f748ab96d&zdid=1361
95 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=c227a723-c118-4609-412d-965f748ab96d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f6c9f8e730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=c227a723-c118-4609-412d-965f748ab96d&zdid=1361
date
Wed, 23 Nov 2022 02:54:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 45F5 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=c227a723-c118-4609-412d-965f748ab96d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f6b8eac730e-LHR
access-control-allow-headers
*
content-length
95
ptag
a.audrte.com/ Frame 7CDE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4c87115834c3f04ac6e40927af4b0bcf6b839058344964a2eba9c787360ebc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 7CDE 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:52 GMT
um
u-ams03.e-planning.net/ Frame 7CDE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7a666ecd51ae352c%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

server
openresty
date
Wed, 23 Nov 2022 02:54:52 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:52 GMT
AN-X-Request-Uuid
b06d7e33-30c8-4694-9d15-c6f579a9e8bc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7a666ecd51ae352c&uid=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 7CDE 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 22 Nov 2027 02:54:52 GMT
3408637188147976689
tpc.googlesyndication.com/daca_images/simgad/ Frame 63E7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3408637188147976689?w=180&h=360
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a5b042b9ee82093acbdff9c732d2ea7d65435e2f9dfa9a67757542f94db573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12209
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 20:34:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 02:54:52 GMT
truncated
/ Frame 63E7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a23676970d407855056fe902bb769a180883b45db16e63247d0a8419931af0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 0C1C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 20:06:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61936
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 20:07:08 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame CBBF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=162286153&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_92005143690506380%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Ff6294f0f-e729-4bdc-b28f-761c055acf36%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkwLCJzaG93X2lkIjoiZjYyOTRmMGYtZTcyOS00YmRjLWIyOGYtNzYxYzA1NWFjZjM2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D676d187b190c7157f4c37b8beb6ce1b1&wgl=1&dt=1669172091096&bpp=2&bdt=216&idt=306&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=2517354019158&frm=22&ife=1&pv=1&ga_vid=1951171059.1669172091&ga_sid=1669172091&ga_hid=1374441472&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=827021184&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44773809%2C42531705%2C44777506%2C44777948&oid=2&pvsid=1336550878665547&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.5xw6kjwz6amw&fsb=1&xpc=i7NWMsWpiw&p=https%3A//file.adpartner.pro&dtd=312
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 787D 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 787D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 787D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D456 		27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce26367d20022f13f017e45972a6e3c87024e9e7612c2231c38c9516251af2c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11394
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 787D 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0eee0e9b3d32388a0e9c0a4a52b5aa73a9b1528e34c60f42f83a5266899aaddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11238
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 300C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=417168342558042&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F2E6 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 23 Nov 2022 10:31:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F2E6 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
62034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 23 Nov 2022 09:40:58 GMT
csync
sync.adtelligent.com/ Frame C257
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f88ebb0c6ebd2ec3
Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
f88ebb0c6ebd2ec3
Content-Length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CCE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=41969
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 96B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame B3D5 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Server
Adtelligent
Etag
10aebe5b331045ba
Content-Length
43
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame B3D5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
media.min.js
a4p.adpartner.pro/apstc/ Frame 7C46 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:59:21 GMT
server
nginx
etag
W/"637605f9-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 120F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 23 Nov 2022 02:54:53 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame CC40 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
5709a58c62c296dfe2a5a7180ad302bad4667be33a9088a991dbe90aa51d5a84

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:52 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 6BE8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 23 Nov 2022 02:54:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 23 Nov 2022 02:54:52 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 6D06 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
9d5ae9a571def601f80634ee52482f44
x-cf-tsc
1668083227
x-cf1
29080:fC.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame FA7E 		552 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240648823141e6beb3209a62567668f5566835ed5718f6ae9e404acd8c636d30

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
76e69f6c8f87730e-LHR
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
server
cloudflare
vary
Origin
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3CAA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ADBF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsmV4wIWU_kQsnQdzQcR9dPm-r6bOF99MqeZ3NOb-BvWj5qgOQw0_RZ4Gi1cmu-JO6hwi8yY7Ps9E2ELAu7bL33tBGAaAsVGBnUG8M6PZMfUfuBli_YaOpPQWsG2TTtr60VK9q4wVSHd_FMohh29YvNdAPww_ELBvth0y69h-jNuPxPgA&cry=1&dbm_d=AKAmf-CrsjmOtvU8e5xKKrKyF4n5h-R-m4v5jTbxqkq02Fk8v4JCn-6HHNFmWrU6Iwt55j0Utg3rVgAaThSlO6AXHxY7CPO3LWlaTV7m3xG59QNuYJu1AF1ivwrI8tIPE8d7nkg0vhLccmgCNC3yGJj0R5-Hkjb5Ts7SLdTy3KWjVV52_30kKS8JAikDklNWKAF_TIY_LNeiDZIiZGU1WBKDcZqROlwaId1uATTmnYuBZDNLuPIP1LhQIbU1C6IU_Ap2Ya9jZOiVRFhhdQvPGIsM15o_HSo9aY4EmTGttiKytS5tsXRmn8wutG8XTyKHW8q1608yHKMJRpnqEIMgjs7lmwQ3E8mAcJF-ghRiO1WjYMy57ajTTHXwoOv7bPZ3jJNqt1SdNbTUJlNvCVhw2HQi4bDxM8WwCMvPSZq_I2n9g_a7uLEiq4-dc2cGyONnEdKUIQZMLtfTuak0sK_CGIEhV-o-25zU_U0FvQHEQd0baWzdWcodK8ku_avsfUqohS-TXrQ6Djkb4GhwPvPrh4NICeQet7mZZ70pKyiad-gydYRAM15QERYuaAt_P25xGDdkElVyVgZanOHxUort6CVsQZKmA9JYalB2VIGtiH4QDfWbtjlQfayQRfLAYbejfLDYZG3Ix83Zr9tdfAq23ln71x4x9OZJ5dp5kbHedQDtkkWOTnoSIrVYFh3b4ptgh2MwQg2h0oY4WUK0mJK0_0oS1Jdwj9uVI45UylFUsSS9HmkhxNzOhv0bNrhL-i_CsZjlPUbcWmfZdvnonA-BEcMpssicA5BIXnJLdcA-qWXaKB5oGZZdQNFjnELira1dyUHmfEjLp_UrDILKyIGrHa-rGvcCvY1Gi-CnM2fQ4ssWVbWrN2IuPvZtmcQ8w-J888h54sI2MkoOkQlssH_3i3bNEtT2hBGr9bEKokby0vG02V9JQ84BdDdwUuInwFzBeirmcQm2HuR1_FBjsMCjGqHbInc0QCS9exzh-_KzMH7kOzTyKTmeyxeG0C7bnjSA1V7gSLlG0uRkx3-XPSw6k5FaDuVG2BCdd2eWEqgY79lyapT8W6_8-9KY3QMJudWMjkEJ4Woyt0800mN-lOBk8NqBUKX4XCer1-3ERuLdtOgApgSStUClrLnr2cdHyB1p4L1xMSSk4mDSm4X1Vr8g9D1-D4VT59jf65Hpsk_yyMM0xjMfuxTLQ780Ng8vQnCQUmEJBRFhSYWRYWyOpy85KXGX0gRbEGUtfxmjJDk_PWXifnHf2YORNcM705sK448_xuAGy15--bJ68juUmtqgDRh1297HsmAE52bWYt5Eoc72JAA9f8t0eojapmY2PIQ-eP0SY97iHQi114TSDSrVdtPEdibPBfohJS_NhqB5n6I51S-P6PJ-sFQACvH4LKM1_falCmy3TeNWnSQq2SQXPUbGbpn2JctSq72TIkDoEb2F1N7UNJhUqrNqp-NbwerIfbm9Yy4uxmPgVkcPmsreyoWM8e0gAs7afoPn1ajcw-hUpHSVsHkU-rIpAfOmDehYqmQZNFLkJsVi2vLCnCefwdIOIkKLl3flPhOyhXuYojKmH8Pj7N0W34jREDqK7v1JsBR-4gtw45yXXYWsWA-uLZWonZ7FSa4Pjl-iqOVSw6xNkjJz2hLAvmn2TbtrxaunexvhKWdqElxlSPhjdO870mf4ISXt59hV7Kx7D52d_b7AZcvQfZWebjhPG7hOGR9lPJ6eaoC92qKrmg9MY29zrdUt_qPlVv7_ImIJsyssgkWIMwPgJsEgfMSkUDaZtQELtBtCBU_Svjp-_ZghsvonXGPPM2Jwjlv4hh-5922YvAIIwRaGAlQZjCkzNf94sXI0lm815iHoxEbnQTKUwSIultMwrScXpR3C2nwGg7vcI6DZTP5EabAmzphFiammlILm1YoWnoP24osKD4hB_0oNc7ngpIgpOi8tJu43CwAzAvzlh4e7Yi9JcKxD9zLhh_uQHS77epcO2NjmEeQ2bsQeYGIO1XbcKHm_SaQAtnvBXd812lJ5Ld_1cNWzRIzAWcKufvBQ3XXYMIEVv9ci1aG994n3Rssw9W5NcvOeMtdYF7TBcxgWboplJ0eNPUAZp4Xi6AScO5UlZQIl4mIqr7O3qP4X3JChpV0pmxG8ovNUMJkPkzb0DXHAfTsZwNrXYoIObCaimbcmsMStrURYmJtVwUuFswF1ivRvchIJeNaXNBIQ8DD-shDwD88BYmuOYyGeq7A7otSxlsz_71bKEpJNAV-LkYddcbtWmyCsB2hCsOeboekEyZ98qHLHr7prGJU4xBmSXz7lVHPxlh4ioObU8FCLPpDon5zOHt_9SoGeyZjoipn6Des9KyyK_D1m3yNe1zSYSZylh5oW9T7-6va-P3jCWVDLq8ib1WoDh92CIchYNojdtHUfZpWHuBGHevGx5pzruUCd2Cs7G12-g2aqRZHL3gQaVHI5n1wp9ykXRa63fKj8pci4xEtEg-ZVDl79lghkRS9C4nZbYY5UVui_BNjZN--So8G80WTHvhkKXod3tcZ-z0GvyWGuN81Utj-ObjiMc_jAfn4jxOBADp1AeVIWzJVXjGjuqkabFsENVVan7h7cy0VrcBPN5s6PnmNCrJqj43bL35gPxVDRn14bABN_n4obxQrJiB1hX5EoMXXrb7wODL_7NAXLGX__P-PvbiIczoMCpU6ROoaks9NUBDHEM0YOCyF0p-XgLe3mcisQc2cGZquwKoX9H8AsZaZcQ-Xf__zIfwlLq-BxiO-5bdoiA6Hb608vyhqwsiDU-D9h_25_i73ICC8&cid=CAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgEw&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 9408 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:00:22 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28471
x-amz-server-side-encryption
AES256
etag
W/"b3509b007a9d747642c6a762ce4aed79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
czJWdJgRNSa-jTWQylqdAf-CQzN2ndh8GIOhOd0LFGO5V182QIeUDg==
ptrack
a.audrte.com/ Frame D981 		368 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.100&p=M1353665098&artime=2022-11-23T02:54:52.899Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
35e6db1c906dc81d695a6264be5cebf8df0d5451b97c3b39bfe1e3849517cf71

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame D981 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:00:23 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
28472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
J-sIZ9CObmMidS0VCaIWBmlewT9PIpkliB9a-t8-hVlcc488mh8hWg==
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1ADE 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:55:48 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ptrack
a.audrte.com/ Frame 71C7 		368 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.100&p=M1353665098&artime=2022-11-23T02:54:52.912Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
348cad7c72440a6caa303509a97103d8460a4aba619211bcc5f9b81003e11a04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 71C7 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:00:23 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
28472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
h3GD6Ep_mIlpwn5alZi8-xnsgURjJyi3s7GUKeBTN6qtR-FfD7MHoA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame F114 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"601b131c-27c"
expires
Mon, 22 Nov 2027 02:54:52 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame E8AF 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7a666ecd51ae352c%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BDDsK6h
x-77-nzt-ray
908339306af5b9947c8b7d63d6d25438
x-77-pop
frankfurtDE
x-accel-expires
@1670208892
x-cache
MISS
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame ADBF 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=27853577&plc=337476919&sid=6688358&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gc7_5FgGhEXZyKZA4jGmGO&c1=4845432&auorder=1008774246&aucmp=18133645195&aucrtv=426657690&auxch=1&pltfrm=1&ausite=52321546355&turl=http://zdorovia.com.ua/&aubndl=&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:52 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
khaos.jpg
token.rubiconproject.com/ Frame 0C1C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 55BE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 787D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:52 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0672 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHl7symw_sCFZWFgwcdIXMBoQ&gqi=e4t9Y6vpN_C79u8P4_mq8A4&layout=/sadbundle/%24csp%253Der3%24/871407110805838366/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame FA7E
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da62ab...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=63bafef1-fc11-4eb6-57be-401c3912eb64&zdid=1361
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=63bafef1-fc11-4eb6-57be-401c3912eb64&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f6e2889730e-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=63bafef1-fc11-4eb6-57be-401c3912eb64&zdid=1361
date
Wed, 23 Nov 2022 02:54:52 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame FA7E 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=63bafef1-fc11-4eb6-57be-401c3912eb64&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76e69f6d1fe5730e-LHR
access-control-allow-headers
*
content-length
95
sodar
pagead2.googlesyndication.com/pagead/ Frame 167A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1045003748251155&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adxcm.aspx
inv-nets.admixer.net/ Frame DEFA 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADAxld9Q1WPJ3fmG
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:52 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
truncated
/ Frame 0672 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73beea82cfc9c82edd5827d4406d003f3dedc875cf5645345dba95607ff2ff9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 9470 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F3a5a9d6d-9e9a-4529-a22b-82af7384ba38%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkyLCJzaG93X2lkIjoiM2E1YTlkNmQtOWU5YS00NTI5LWEyMmItODJhZjczODRiYTM4IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Def83b6bc83581b1315c4e4c643ce8f72&showId=3a5a9d6d-9e9a-4529-a22b-82af7384ba38&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:53 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 7CDE 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:00:22 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28472
x-amz-server-side-encryption
AES256
etag
W/"b3509b007a9d747642c6a762ce4aed79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
lKi0OUbbzZzqfI0MvAcUwNDRXh3IDdqJiYJwJ3k6Y_5tPVnTZ5WMtg==
usync.js
eus.rubiconproject.com/ Frame 6BE8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 20:06:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61935
Connection
keep-alive
Content-Length
10066
Expires
Wed, 23 Nov 2022 20:07:08 GMT
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 84BE 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:52 GMT
etag
W/"601b131c-27c"
expires
Mon, 22 Nov 2027 02:54:52 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 6C72 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7a666ecd51ae352c%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Wed, 23 Nov 2022 02:54:53 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abk73BCPvZXB
x-77-nzt-ray
908339306af5b9947d8b7d63e5166e08
x-77-pop
frankfurtDE
x-accel-expires
@1670208893
x-cache
MISS
csync
sync.adtelligent.com/ Frame FFAD 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADAxld9Q1WPJ3fmG
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:52 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
data
bcp.crwdcntrl.net/6/ Frame D981 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0e25ca4c3ad355f772205763fb53be26f802a6df9ac04fd52ad7b5c6f30593f6

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.20.167
access-control-allow-credentials
true
content-length
60
expires
0
data
bcp.crwdcntrl.net/6/ Frame 71C7 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
be09e8f92d60fdcad5a77543e8cccfccb4b1944c4f8a5737e6fff75b5e41de62

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.29.241
access-control-allow-credentials
true
content-length
60
expires
0
pixel
ps.eyeota.net/ Frame D981 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=27mtjstlEYCRSaaeeLIjlVFGQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame D981
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27mtjstlEYCRSaaeeLIjlVFGQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27mtjstlEYCRSaaeeLIjlVFGQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame D981
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8510913750865436768
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 71C7
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8510913750865436768
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 71C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 71C7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
media
a4p.adpartner.pro/ Frame CC40 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
59053117517098dd6e7a88d4b1e778253236a2e08925c3923cda855f41137333

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=3&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame 4EA4 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 3189 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25223a5a9d6d-9e9a-4529-a22b-82af7384ba38%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
0
pragma
no-cache
server
nginx
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 513A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
GS.d
js.cookieless-data.com/ Frame F114 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669172093167
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:53 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 233A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B893 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6485b9866c2416c69175729429f327f43514e45fb09063798c4546e7359d6d9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2oxki749QdOV3BVJJgdesg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-2oxki749QdOV3BVJJgdesg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
Wed, 23 Nov 2022 02:54:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
verify.js
rtb0.doubleverify.com/ Frame ADBF 		442 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_361391902013&jsTagObjCallback=__tagObject_callback_361391902013&num=6&ctx=25334725&cmp=27853577&plc=337476919&sid=6688358&advid=&adsrv=&unit=728x90&isdvvid=&uid=361391902013&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0gc7_5FgGhEXZyKZA4jGmGO&aucmp=18133645195&aucrtv=426657690&auorder=1008774246&ausite=52321546355&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=http://zdorovia.com.ua/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&aUrlD=1&m1=13&noc=4&fcifrms=25&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau7%3A%3D6%5D25A2CE%3F6C%5DAC%40Tau&dvp_exetime=15.60&aubndl=&callbackName=__verify_callback_361391902013
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
968e85bf2bc7e5a3bb2df7fda90431e82d36f50d2e746f0756ec76804b8aef08

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:53
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9470 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F3a5a9d6d-9e9a-4529-a22b-82af7384ba38%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkyLCJzaG93X2lkIjoiM2E1YTlkNmQtOWU5YS00NTI5LWEyMmItODJhZjczODRiYTM4IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Def83b6bc83581b1315c4e4c643ce8f72&showId=3a5a9d6d-9e9a-4529-a22b-82af7384ba38&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a78e672eccdcf753dcd3efabcfa7d1ed12ab382ad2cfb92ff86229e47d4c8e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34256
x-xss-protection
0
server
cafe
etag
10772060121216377202
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 99D7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
398892
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Nov 2022 02:54:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A62 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 125B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffe8ae9017db31a98d9664dfbb508dac285b719f1044dc21c12176f1dc28d912
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rRBupUXHSCaGCE4NbUI2aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-rRBupUXHSCaGCE4NbUI2aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
Wed, 23 Nov 2022 02:54:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
khaos.jpg
token.rubiconproject.com/ Frame 6BE8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GS.d
js.cookieless-data.com/ Frame 84BE 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1669172093332
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 Mairieux, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:53 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1ADE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
Wed, 23 Nov 2022 02:54:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 9470 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb5f6fa57de34cddd8d42ff39ab45adee5b31426b3e706b1f706742bb9d20388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119611
x-xss-protection
0
server
cafe
etag
3870001375185893645
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:53 GMT
ptrack
a.audrte.com/ Frame 9408 		368 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.100&p=M1353665098&artime=2022-11-23T02:54:53.477Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
348cad7c72440a6caa303509a97103d8460a4aba619211bcc5f9b81003e11a04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 9408 		155 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:00:23 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
28472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
DXD9CE0UE4uyxeYvxc2ETyYcxVRHZRSnXU1j60k2NiWj2k6ChkDIKw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D456 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6l1KPl8SOLUSLzwDRRGAmP7iyFLGBb3nQf4v9JWhXRQ4-RFkZiSrDj51Ki5K3hE91cgYp25cWGC9WjrJ-aUdv9PjMSZodBCnQ8vgK2DvINIFpqj8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame D456 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=27909197&plc=339172621&sid=6909169&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gxoaDEU_TLC-yrwwWBB015&c1=4845432&auorder=1008772347&aucmp=18508291121&aucrtv=430717651&auxch=1&pltfrm=1&ausite=52321546355&turl=http://zdorovia.com.ua/&aubndl=&dvregion=0&unit=300x250
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame D456 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
79a78139d71522672ff7ac53d27d942533511ed7eb7a83dc08a6e33d4b7dc6b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 11:10:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0509c463fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D456 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D456 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
l
www.google.com/ads/measurement/ Frame D456 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEfF7gpn6FI6Ddhe4BlxhxwMRYjwwpmLiylXtXlBm0maYKJk4Fakj2JV8JrRm_8-N7fTGARqajTxZjoBVwvC3lvPwfgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D456 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:53 GMT
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 3D91 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2d0adcf5-3781-4e0a-a8ea-0d58b78b519e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkzLCJzaG93X2lkIjoiMmQwYWRjZjUtMzc4MS00ZTBhLWE4ZWEtMGQ1OGI3OGI1MTllIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dec5eb7b6e0a59949d2ac1f550d71d351&showId=2d0adcf5-3781-4e0a-a8ea-0d58b78b519e&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 23 Nov 2022 02:54:53 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
pixel
googleads.g.doubleclick.net/xbbe/ Frame D12E 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D456 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXBlqO3C5O2q_3hGNQkf7ZmXGa9jCYoB2JUnSEFUXJqrl0APyrbgTUGvmYaGW9Vqo_4BVhYvUcEOZwnRQrVmDbjnPTB07LGOaxz0jRvVqdn6ETsMzUJTaYS7yjoonEkaO0_sTIKL9NgsMZVAiWGjQlttjt8BKH0BPKPZhTWhfcySTq9xU&cry=1&dbm_d=AKAmf-Ca-chkqg17yAYN5CWKiB83ChB8dr65scCElkwoMoRxDpxLt-I_H8gyC4os8bmukfgSTR-Pt9NLURupHRlVAcdZ6cnvNJrBXimWtYnnH56WGESPo8Jvp8Za2MJyIOdv2Cy3aHIlrp38JfemBkqkPdTaNxdcWBHrcG8hwe0hV4PLoM7kSe-o3oNmf65vo50rNvSB7BYI-6pRo3gFlJDWt0OFHDv4HDdHEmnq2uyfvtukQNU4Bgtc_TLMbAah-2DxQ1gC-rD9f1RNjv9QiQC6Zeh4tnhwYhIsNpNJNGU9CUseg6N6EqIrz6Ox0ARcXkFw1h1mLePSXyIZ_HuM-yrlwor5nz0HeYM41VbkDqksUFBX4MDhd5aWUv0VRLwMiU0aBlqJs9Kqko4mkpJl3z8wmGCbO3Qqc_9Ev4HYkXZAQyS6EgdKkHHtX_it1qlFXgyrG0CASnKLctWbLD21E7kfhX3xqsv8WZLvXLn2gqQd46te2qvkmwxEHYq-VT2-53rcM07p28wsqWJyJw5DWtSt-lSRYqgK9WzzfAhTJ449trLnH8yV2b6MUQCukIn_0-7NWlIwijFDwH3YTXLN3ZXYkqVCYUGRNIAnybqGSTv2TtKmR-dA8SL7NMUtOfhdK6UhRWDFY5F7OXnkMdAtyr8UAQ7Mtqigf6POj8Iz-_QmIBQkQ13aPYrsP_7AAkn5C5yzkh5mFggy4u1v2YumjcfVcXVAxOn_LkO5aD-qfMg9vioGZiFiHJg2kwKgPwJqx3LvzJh_OiG-6QrcqfKnhB9PcgAvZ48egBkFpsFUs4SfLpzmFcumT4oX0ih712sKf6GjZUW-LbR5tnS4RUFbnrE0Pa30CDzrwB0zb2-e_7Yb0STVejkyLCBbwquxN8m6bli5BnyC4q3dwDbEn2p53tfUE679eeQJEx9o-mJpT5Xi3OKbe7L34XV-HKR_o5ZjGmMHYYxHE1GlOq_tu2UtP3SewU7YmbQbKt38XpQoWE-YQtOMHyF-GeJ4KxeotETAo8BOlogv83-E5rxI7gkw29NH9Ou9m_CHpbhSsrYcQpm0T0CKK07CF6nD0DC0rst1AnmuZto1xHl4T9JpRkgs8QOpVvPQq1NvK8TaQkZTRu5HQE8aLycSujFYrWrW82fBL7OkW6Jq5fD_stTT5_uuR2_dxQebmvfTH2n5uQTdBK_33BqOG9F3sy_ZnKyilXnUnEOa1RZHaZh66GUukqBZqNuMrmW4M5HzrFH-c9Vn56rjj9QUsiRYIpkzaNcYm52XroT8uCoyXgQ0RLz9adDn5GmiJ_eBJox_V9II1i8NWYy7VswrpDCkM16yP-3tppm60rf-srkkQkElUf4kZqbIgvUWnoPhrBMlMoMYKIj9gV-Am5vcK2XOgQgFgOR6x9lzkHj46qNjfAAQ7Atu2GVuXmTtOMdmsvyy1sVvOPU5HMuXHEXuDKNHVhB7MyQBWieqWCNJurx9JMMmduAAoLM3cKUYWXOo3ZXeaqrxz-UC5GWxtiQVXFQ7vbzj2PsvELqqV_GthnrrHLkQT3TdIf75LRB6EvEK0wS7lvKonDFwpgzn_NTAgVPlOPWNJaDRXFtUJgQgtNw7wBndWcyGlSsk2_sAazPBbjLVm6YMehrAfYfAXs2BoIVq33jTcAoNUutrtUJYSZvF1cAv_QvXAhciZvP9b9w69vNTs7GtRGQ4BGkUVCfPQZLPpMA4FGpfBjL1pumHMTti76bu1Z-wbICU9yZoVXxWBKPgkkRFb1PxqLvYx_6-NHBspnMeKpM8xJ5aqMuUBDPmd8sIe3xzXdHOhvfTG611Z0YRe_2qpjzg2EnTYbYvyOmxlD2aZGv0Ut9m1IXd7feWHjxgvXcPS5yaR_ZnMfXEcJhUI0d1fEQgCMNAgEonYiynEbaxbqWNcGoW2Pzprvuf6KRj1cJUnI979vosaHtg8SAj2NW3vMWAlI063yXZrXwKAxxeiV9lYtyPT0fvf_0fbi3KV3Jo3ZaniN3NzOtcReXw4bcPKEUqLHN_gptIdRkllE7Glhw3g_LplMGk3x38N6mJ70gKXnwp-rPWO1HNsN_mgCYES5cxqEsyvc-zye6K2ykHTag0YKiV2vrqDh7klHtmzWP_bQzdGozVujdlKUkGezmyROONHSD5CyClt8SObtvRZukBSaRkhD9AJ_Amp8HpTVBxiowRRbLrV0vPaYq6gGmz4nOwD_NheBjsnlGftIrREE3D-BGPV3s9dvLjqanIf382x8rpVMLrPp2GwsQt43Q1oMU300wZnpFTFfJQUHhVDqkLtoqOCZtZBaCyUQM32FLhEZTbhQx9GsrOjyrpoY9g-Tf3qBvUzsM72K66NfjMyg2xRwX72YgSltNZN3KfNmVARRg00y0htsb-EX9VbS-zuDLqzRRQTbcIZmc9H0hpS23ASJhlFuVuq-HbyOxF3A-_jcrw14UkO42BrA0BR7y3gXtliuBSRKOtcNHDhTgIV1kwrWlg6T2O-RhkHdi5wWEXVUo6-NNuUAx1jNAvP3evB2WfS2LwPxFApOvsR1zazmfTNE4BcaPk0q62bFLc1Y4osPJeCiRM2SJ8MRh76_R1ZmR4TkTfKPpKuXqRTbL6hI78o0kAL_-vx5_ShoxcOzLC2VXSZfiJNHPduhZ25fxy8MaDuvgRqtzuhvnI-BJA4nHX66nCFTD5dZBvYoNa7-FJw8WCPzzIrq0lbphHkr8n0Rf_i1ZdtSQpsm8E-TUBq6D8ZlVBpjhvY-xHi4pTCC5H9M4O0jMmbGPW2_ry6g466N0fQdWwByFHoDjoCrkOZJBWwvxJza83IAU3hGTh&cid=CAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBM&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21d42027e662e530d67da764511f5675ae5810052db05e329445f039dc835849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B893 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1336550878665547&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adj
bid.g.doubleclick.net/xbbe/creative/ Frame ADBF 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWE_2IoJBVX18ApNzkza4qb09D_agtQ_XCfJponayjbAnDMIi8&d=CokBAKAmf-AM7fb5G70dpSJebuf1tdzKY0clLseYU_5PtHwM68h60todJbmK5NXMn6ozXw5zklRpX5Mq1Qg97FnMqDWkHh6vVbrlSVuMdsALeitbAG6wVNHb665scm7641cK4bTDViksQ4eAtMrTX00kb738itlLudOW1LHY4nUI9MBUS4TUJF9gghgSyRQAoCZ_4FyhB4TdpkObijz49zRnzGBSZmz-ObJbooM3jxoC4t9AgSxs8SIf3u-VK0QJQQQJZCPNGmM_MhbtsD0sin-PU5PJ-HyLM-lL0NMwssOfXAvpADCaBJdX46S1hntiswkc3pLC567yZc4ItTFfvPRyCnkNYT5pYY19Mj_HZhAVcQivQxsKiVhKm2SI1rao3KwTk5V6qh3HUYgArIj_4Cf3kpolIGNv8m8oABCBrA61ciLu6uxBgAC94Cj8dVjIySBlmQRlzvafjtmPtyrfQDP9o7w0a2uU17xA4Lh3mdKHL9bxgh1P4NbElu6UHF16UH2qnSSiCnSi-rjS_NR2uoYx6jowo2JQ8-dfkiLiG9izlE7Z8XenRXo6KclOtvDjzmx5HjpSBGAlUat1sIbnIM-FA8Rz6VGuGGTjaOArE0mKhAqj3Xc9epgkMAxs5nKU6ip6AUFQ0cPvph3MRqjQNYM8nwPT-IrSyaQt6L-PIUoXucLtoBLMlR6XhRa2o9qlG2Y0Aw7S9rkSuHtmyTun5YvVHH-hiEmzHCBeYZPaO4kiFnn6X8A9wbnKICNkENugR8DY1_V2wQijelikB_MpLGjvXfJ_slvEI_EXksgMLUSzC54MLq_fJdhnTdEfrJjYOdxQDqn0HDMMx3A8VsomWFzxNpKOM_MCFC21tEXZE3PL17NHdLZcwxeHX0gW43A2Nlg0U-pMyN0tZtDhkFiZVvBViqb-E7Hb3o__9me63tU8_1RMF0iDGCLS5m7-skZ9w5loP8hEjeUdG9pkvVvxWPiAyBRr4s-YBlgZOeeZGNO3oLqM4LORVmhtVu-xnjZ_YDFqsvAUCDtZ1cDhst43UmfM7EJyhWEwAz_pmQMJA7wbOGXQ30FEE0uvUDv5BGpGrmDbi5jF99aayiV_9N-_4hvm-53AGaRS4xLuFw3--R06ZFotvo0WmL-Cnyqu880tNHDYxX0TKlbZYtW3Fxn-Ge7IWp2YMNYcmax-3RcIAJDL9Z0xj3k4zg_PMc4-Dd8-8mSWDV9i0zXdkPooXOP3C6ORhjeoWKeKnlKanVB8BAtSxL2iiG5N5uZqGdRw4ASSDXDManvkvERfl_ZfHNDH23-jAEc38iOzOgDY-1XToOVhGnm7uHRCdP9hyBw1peJS4ZrFDMDNESvJst_Gb2SfwxSIvPFNRj-peiauqlMj31IAV1IALPvk1uESJFxCHfOawjdoamKyuCiPPwO1dzZEib6N60AHVXCcFjYZRGf_7RLNaibeKbyEhZvmPCfaPaUvLrCuwk9tmrDmRMlyKMj68TQZetcBSdmqXdM6LR1F_ct6af7puWstrRYNmJIGPnEbd4niz_kJqV8XC0NMqMeNkMaylCr5QzQ3YaVqbWt7BN039dZRN1G16BSI0VXtXBs1EnV3Zrg_1eH-B0NbNyujAAvzmqD_vdnAE6OpXOCysard_XSYZWJMhVvN5_YnbUfhmYUFvOuVhYL8KYlyKd4jE9bsn0Fmx1T_-hTofbvfB7J8V6r5Wp2TWaCC44I6k3L6fcvfybTy58lDkX292SfO3dWmSS1YtT1tVC2os1WXiK02DGiiMfgLYOKwp79D_-Mg1i0oVzwbc_xsvcYq8UoHhx53d0SNe0bYj_etD66-0TX_rb_lyZj_ZpMOXF6TxYHCZdC73LOqO68cmrMS3mxxyGwkRGErJeQ4N4ckQ2zgZFRuyChR2esI_AvaoWqqoKbJvf81dI9qAtZAbPgxDJR2EVGOJm-9dI_QFkqzU1EuWHkYC0BFsN1TDRGhLUoooopEIkKZdpUMade--pGLvUYz0BgWe4Ee2imFS7zPWpUa61RFErRL4IBiBPNKY34I2WFX2SKROqn4EMAEX29z8hH1L-KsL4OYdyxbocUhPe4XDBr6NuxH-3Pa3smT5_VSU398zYdmHaDpS-1OOhPuqq4kL24MpES0RMSOUfDiaeuPOyRVw72AwpmCaL5ErLjTQ9nePxDQ7HzI1I0Gy19iMqe8stE6jUa1uOzxufEMeibkXrNHJ_rcZ2BvzFRY1KuXUhHHnURHrL5bOY82__h6V9YfnOeZ9a-PSQ9WXPM6BsQp571UCUDzccVMRkuS7orzlv5tfG7V7iyJ0Ir6SFwEp9XGHjK3Ug3FafubXpzAmlErm6AUklIqCw-eJmB6n5w64naEE-QuHEaVR0X1PGOsHlK8XUJaIGvyT1xYSF0CssZ1JpnZJGLS2_Tlz0FNayxBletMTxB_rCpjaAG-N2xYT3OyyMxHnqSoDdu0aUElDX0ppfwZx6lVDB3A0HvV-C-ssrpCs3-v9_3hf6j6EwVFQrDWZot891TFIOnYyixVr_J4tZpuqcHWNWu1Ofg5pJ0X8gM7zk5n-0I-Ir0OL25achXlPLMV4i_PXfVFj0svzNBwtyLP0lWWJQfOkrKm24h1F1L9PGcRUijHl4gWPfRHys5aylDuczGWgKf09pDTkAxkAc095_w3yHYSPHZcQTqO-VZ4FEEkYzGD37iNRCQGcfGGRcWyktUEkyx1SpfOjk_T2FUqZPiBbWuH9BbwuMpf2O0QeljaUhDr8VeBVcAnBpenyTZCgb4SQt99tN9jZ5u1cG9v0Zx3kzINlZQ8Ir31fbN7M6N8-EQLa1Admdwux8KpwD0ewI4KUCNOjKDZn1lMk5uIs76gra9MoW5Ow3CAweiXL6D3DygJtLekVAHTOkF6SC_G0zbj4iXXjxmTHFrIzIZpk7zUXYumMtFyDYra2R38mdIx8vZb-MuURso1u1yvZFcEORrefRd34WW1qOtIHWHvfAbMxjDK72RH6JU5MvJBPmkfN8mgKh9EZZmS2f1G6QmNMOe_n0qhsK91zeqlq7ShFmgdOh3We72guChoCnW2tmF_e8OhWAqXMtIGb5_1FAgVXug-iS7tabngY2kjeFBFkVjYImZzayRVMK1qbi3dATnupi3ac5_x_sfXHXlyfxYR7hjJIsj4gPAnuCWazidVe3s2lI6oti8BH0uaVx6ykVK7E5WuG7aXSc_3mELAFj3quOOCqQ7ZVoGyrQKdQJIewGbCXl4cQKHCMkLl61snEciVpcEs1L-pYX3m73CQE1dcG6UWfh56ykYrPf0vMlSjG_CGW4NLmquiAH4qNbiZ-HXN11q47oM71c5nOfeEyIfSxl0LWLqB801ZikChmuzyhlwTp7eo4MZ04YTCF6-FKBii1QjdsUxHUWyU7EPufvs8SfsW3c5A5Ts0XZNiERMnw34PpQ8FbXGWzcAcELBAwe3Vz5CE0gee1tQwZkuCz5SZElhlEKmoLJ2hEc7_SyoMFXyI6jTyOxHU9wbkgOmgGSfc9EWCylUJb92M5UDqa9JYLK3mvVuzvPDDoQCc6K30SF5asI9vPAWG3nNJiR4p4JPaxVLq7TqECmJQcefc6KuZqw_uWwR3SRe4bWR4HfH04h_zM9zPdShNuY_8T-i7-0umnTuINt_q15reDMJ42LrBg61AJYyDc8PXFa_KUuT5lieBpVX0uBoxCAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgE2AB
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
cafe /
Resource Hash
e74616fef38e60a9cefcbd0e69dbcb68d416fd13a51c2f9720c5c31ab83bd69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23809
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
if
a4p.adpartner.pro/tracker/ Frame 4246 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 1850 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b396dead-d407-4521-bd1c-20b0ee5894fe%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222d0adcf5-3781-4e0a-a8ea-0d58b78b519e%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:53 GMT
expires
0
pragma
no-cache
server
nginx
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 99D7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame F2E6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
mouse-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ Frame F2E6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/mouse-01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcf90fe8f18479b8d6b29b13ff4e20049625c79d173f91397beaf3cbf77894b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 20 Nov 2022 03:58:39 GMT
x-content-type-options
nosniff
age
255374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1439
x-xss-protection
0
last-modified
Wed, 17 Jan 2018 10:47:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 20 Nov 2023 03:58:39 GMT
ACORN_LOGO.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ Frame F2E6 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ACORN_LOGO.svg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01d3e0ef3e3f0d540a9307989f0fb7c522887b07743f7592bb532ff959e98d1b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Nov 2022 02:50:56 GMT
age
173037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2822
x-xss-protection
0
last-modified
Wed, 17 Jan 2018 10:47:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 21 Nov 2023 02:50:56 GMT
ACORN-WEB-REMARKETING-NUMBER-TICKER_02.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ Frame F2E6 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/871407110805838366/ACORN-WEB-REMARKETING-NUMBER-TICKER_02.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac21479523f870f1d11d82e5f218409ec04e6f8afed07debb0ec9f1da3a18d7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 23 Nov 2022 00:33:29 GMT
x-content-type-options
nosniff
age
8484
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27478
x-xss-protection
0
last-modified
Wed, 17 Jan 2018 10:47:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 00:33:29 GMT
ptrack
a.audrte.com/ Frame 7CDE 		368 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.100&p=M1353665098&artime=2022-11-23T02:54:53.615Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b2fe93272131aeb06507915b3113a1e5d109fc2415ddc20bf1b63f2d8633b9e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 7CDE 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Nov 2022 19:00:23 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
28472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
RDlc8PmqOS__0VO7VNBoHf-1JFji67qp9vhmzMu-nxNUlKcEWo4ZDg==
data
bcp.crwdcntrl.net/6/ Frame 9408 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
72c7b409ca6e1844919949e7acfc6cde000cf7d88c0d162de77a5429f66a22db

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.20.167
access-control-allow-credentials
true
content-length
60
expires
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 233A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 125B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2843744206474669&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3D91 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2d0adcf5-3781-4e0a-a8ea-0d58b78b519e%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5MTcyMDkzLCJzaG93X2lkIjoiMmQwYWRjZjUtMzc4MS00ZTBhLWE4ZWEtMGQ1OGI3OGI1MTllIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjM5NmRlYWQtZDQwNy00NTIxLWJkMWMtMjBiMGVlNTg5NGZlIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dec5eb7b6e0a59949d2ac1f550d71d351&showId=2d0adcf5-3781-4e0a-a8ea-0d58b78b519e&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5d4259a9a1c294c7bb439cf797c81be723d972dbd1f649f9da9b53694a558f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34253
x-xss-protection
0
server
cafe
etag
17381630583514149779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:53 GMT
sd
us-u.openx.net/w/1.0/ Frame D12E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELX4QUZfew-Q0n8Ii6u6-AM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELX4QUZfew-Q0n8Ii6u6-AM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELX4QUZfew-Q0n8Ii6u6-AM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D12E 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D12E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECKdIA1QcsHGdxbzwYEe2VM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECKdIA1QcsHGdxbzwYEe2VM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 23 Nov 2022 02:54:53 GMT
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECKdIA1QcsHGdxbzwYEe2VM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D12E 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIY0_WwzQEwAQ&v=APEucNUH9Y5vyeGNeR8jJ-6QWjDOdPVpp6pqa2zf4QfUq-SXAX-EEJgP62x4g4P4vQwtMwcTM9mLsmloxcH8KpQ7Kd5feuhazGB2bqEluLMf9GpHTO-fxJaykklEW5CwG4fRND-6_HHHWQtVBjMsnTFjoHIjPJo6tE6iE1GtTkqkN071W9GvhH8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 23 Nov 2022 02:54:53 GMT
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
integrator.js
adservice.google.co.uk/adsid/ Frame 9470 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9470 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C3A1 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6241810443b19d546e0370b5517f6e70268bfc2ebc634f6c0b2f83f581006931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
7887
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p
a.audrte.com/ Frame 9408
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8510913750865436768
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 9408
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 9408 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 3A62 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
generate_204
tpc.googlesyndication.com/ Frame 55BE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4wT5iw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
data
bcp.crwdcntrl.net/6/ Frame 7CDE 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fd658331ab7602d68bed82df63548665d24a638e948e141cdf3baad7bdbf0cb0

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.9.131
access-control-allow-credentials
true
content-length
60
expires
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D456 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXBlqO3C5O2q_3hGNQkf7ZmXGa9jCYoB2JUnSEFUXJqrl0APyrbgTUGvmYaGW9Vqo_4BVhYvUcEOZwnRQrVmDbjnPTB07LGOaxz0jRvVqdn6ETsMzUJTaYS7yjoonEkaO0_sTIKL9NgsMZVAiWGjQlttjt8BKH0BPKPZhTWhfcySTq9xU&cry=1&dbm_d=AKAmf-Ca-chkqg17yAYN5CWKiB83ChB8dr65scCElkwoMoRxDpxLt-I_H8gyC4os8bmukfgSTR-Pt9NLURupHRlVAcdZ6cnvNJrBXimWtYnnH56WGESPo8Jvp8Za2MJyIOdv2Cy3aHIlrp38JfemBkqkPdTaNxdcWBHrcG8hwe0hV4PLoM7kSe-o3oNmf65vo50rNvSB7BYI-6pRo3gFlJDWt0OFHDv4HDdHEmnq2uyfvtukQNU4Bgtc_TLMbAah-2DxQ1gC-rD9f1RNjv9QiQC6Zeh4tnhwYhIsNpNJNGU9CUseg6N6EqIrz6Ox0ARcXkFw1h1mLePSXyIZ_HuM-yrlwor5nz0HeYM41VbkDqksUFBX4MDhd5aWUv0VRLwMiU0aBlqJs9Kqko4mkpJl3z8wmGCbO3Qqc_9Ev4HYkXZAQyS6EgdKkHHtX_it1qlFXgyrG0CASnKLctWbLD21E7kfhX3xqsv8WZLvXLn2gqQd46te2qvkmwxEHYq-VT2-53rcM07p28wsqWJyJw5DWtSt-lSRYqgK9WzzfAhTJ449trLnH8yV2b6MUQCukIn_0-7NWlIwijFDwH3YTXLN3ZXYkqVCYUGRNIAnybqGSTv2TtKmR-dA8SL7NMUtOfhdK6UhRWDFY5F7OXnkMdAtyr8UAQ7Mtqigf6POj8Iz-_QmIBQkQ13aPYrsP_7AAkn5C5yzkh5mFggy4u1v2YumjcfVcXVAxOn_LkO5aD-qfMg9vioGZiFiHJg2kwKgPwJqx3LvzJh_OiG-6QrcqfKnhB9PcgAvZ48egBkFpsFUs4SfLpzmFcumT4oX0ih712sKf6GjZUW-LbR5tnS4RUFbnrE0Pa30CDzrwB0zb2-e_7Yb0STVejkyLCBbwquxN8m6bli5BnyC4q3dwDbEn2p53tfUE679eeQJEx9o-mJpT5Xi3OKbe7L34XV-HKR_o5ZjGmMHYYxHE1GlOq_tu2UtP3SewU7YmbQbKt38XpQoWE-YQtOMHyF-GeJ4KxeotETAo8BOlogv83-E5rxI7gkw29NH9Ou9m_CHpbhSsrYcQpm0T0CKK07CF6nD0DC0rst1AnmuZto1xHl4T9JpRkgs8QOpVvPQq1NvK8TaQkZTRu5HQE8aLycSujFYrWrW82fBL7OkW6Jq5fD_stTT5_uuR2_dxQebmvfTH2n5uQTdBK_33BqOG9F3sy_ZnKyilXnUnEOa1RZHaZh66GUukqBZqNuMrmW4M5HzrFH-c9Vn56rjj9QUsiRYIpkzaNcYm52XroT8uCoyXgQ0RLz9adDn5GmiJ_eBJox_V9II1i8NWYy7VswrpDCkM16yP-3tppm60rf-srkkQkElUf4kZqbIgvUWnoPhrBMlMoMYKIj9gV-Am5vcK2XOgQgFgOR6x9lzkHj46qNjfAAQ7Atu2GVuXmTtOMdmsvyy1sVvOPU5HMuXHEXuDKNHVhB7MyQBWieqWCNJurx9JMMmduAAoLM3cKUYWXOo3ZXeaqrxz-UC5GWxtiQVXFQ7vbzj2PsvELqqV_GthnrrHLkQT3TdIf75LRB6EvEK0wS7lvKonDFwpgzn_NTAgVPlOPWNJaDRXFtUJgQgtNw7wBndWcyGlSsk2_sAazPBbjLVm6YMehrAfYfAXs2BoIVq33jTcAoNUutrtUJYSZvF1cAv_QvXAhciZvP9b9w69vNTs7GtRGQ4BGkUVCfPQZLPpMA4FGpfBjL1pumHMTti76bu1Z-wbICU9yZoVXxWBKPgkkRFb1PxqLvYx_6-NHBspnMeKpM8xJ5aqMuUBDPmd8sIe3xzXdHOhvfTG611Z0YRe_2qpjzg2EnTYbYvyOmxlD2aZGv0Ut9m1IXd7feWHjxgvXcPS5yaR_ZnMfXEcJhUI0d1fEQgCMNAgEonYiynEbaxbqWNcGoW2Pzprvuf6KRj1cJUnI979vosaHtg8SAj2NW3vMWAlI063yXZrXwKAxxeiV9lYtyPT0fvf_0fbi3KV3Jo3ZaniN3NzOtcReXw4bcPKEUqLHN_gptIdRkllE7Glhw3g_LplMGk3x38N6mJ70gKXnwp-rPWO1HNsN_mgCYES5cxqEsyvc-zye6K2ykHTag0YKiV2vrqDh7klHtmzWP_bQzdGozVujdlKUkGezmyROONHSD5CyClt8SObtvRZukBSaRkhD9AJ_Amp8HpTVBxiowRRbLrV0vPaYq6gGmz4nOwD_NheBjsnlGftIrREE3D-BGPV3s9dvLjqanIf382x8rpVMLrPp2GwsQt43Q1oMU300wZnpFTFfJQUHhVDqkLtoqOCZtZBaCyUQM32FLhEZTbhQx9GsrOjyrpoY9g-Tf3qBvUzsM72K66NfjMyg2xRwX72YgSltNZN3KfNmVARRg00y0htsb-EX9VbS-zuDLqzRRQTbcIZmc9H0hpS23ASJhlFuVuq-HbyOxF3A-_jcrw14UkO42BrA0BR7y3gXtliuBSRKOtcNHDhTgIV1kwrWlg6T2O-RhkHdi5wWEXVUo6-NNuUAx1jNAvP3evB2WfS2LwPxFApOvsR1zazmfTNE4BcaPk0q62bFLc1Y4osPJeCiRM2SJ8MRh76_R1ZmR4TkTfKPpKuXqRTbL6hI78o0kAL_-vx5_ShoxcOzLC2VXSZfiJNHPduhZ25fxy8MaDuvgRqtzuhvnI-BJA4nHX66nCFTD5dZBvYoNa7-FJw8WCPzzIrq0lbphHkr8n0Rf_i1ZdtSQpsm8E-TUBq6D8ZlVBpjhvY-xHi4pTCC5H9M4O0jMmbGPW2_ry6g466N0fQdWwByFHoDjoCrkOZJBWwvxJza83IAU3hGTh&cid=CAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBM&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 63E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOWARixBwqPUnB7vT9QYeQV5ObfKr9-uY5KgipKOtBLBXlOfmIDVABDF3S6Ej2nDz0z3QnUnOGZHHxQ05kb1ORpjhuixFxybHfenyeApiokrmrjFYqAjIgSd_Bbgt7jsG-Rj8GHA&sai=AMfl-YQIcbzRPxwo3j7e7ajWdoEXepyGjAsFyDPPP_pmcjxy1ON1FdQslZP0ecdsyUPKPgow18DWE6XGqeVEz5WZO-w-Kzj-dgOl0KertQ&sig=Cg0ArKJSzF1_IqXw93SJEAE&cid=CAQSKQDq26N9kaJxeZfOnEz2QRIuTezXiw_0a3WtH2nbdHoFFFJkS-71ojpcGAEgEw&id=lidar2&mcvt=1060&p=0,0,600,160&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1669172091410&rpt=1250&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ps.eyeota.net/ Frame 7CDE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 7CDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=27m1joTTsX7SV2yOh-iFTv-VQ&gdpr=0&gdpr_consent=&google_gid=CAESEFX3m4Qoj4vZ4RlTWtcoaW0&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 7CDE
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8510913750865436768
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 3D91 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0de25efd930b02fd449159ebccd63c0bca2558b7812d8f66a7e24c7c79bb1d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119606
x-xss-protection
0
server
cafe
etag
16635015327770973271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 02:54:53 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame ADBF 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 16:47:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame ADBF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWE_2IoJBVX18ApNzkza4qb09D_agtQ_XCfJponayjbAnDMIi8&d=CokBAKAmf-AM7fb5G70dpSJebuf1tdzKY0clLseYU_5PtHwM68h60todJbmK5NXMn6ozXw5zklRpX5Mq1Qg97FnMqDWkHh6vVbrlSVuMdsALeitbAG6wVNHb665scm7641cK4bTDViksQ4eAtMrTX00kb738itlLudOW1LHY4nUI9MBUS4TUJF9gghgSyRQAoCZ_4FyhB4TdpkObijz49zRnzGBSZmz-ObJbooM3jxoC4t9AgSxs8SIf3u-VK0QJQQQJZCPNGmM_MhbtsD0sin-PU5PJ-HyLM-lL0NMwssOfXAvpADCaBJdX46S1hntiswkc3pLC567yZc4ItTFfvPRyCnkNYT5pYY19Mj_HZhAVcQivQxsKiVhKm2SI1rao3KwTk5V6qh3HUYgArIj_4Cf3kpolIGNv8m8oABCBrA61ciLu6uxBgAC94Cj8dVjIySBlmQRlzvafjtmPtyrfQDP9o7w0a2uU17xA4Lh3mdKHL9bxgh1P4NbElu6UHF16UH2qnSSiCnSi-rjS_NR2uoYx6jowo2JQ8-dfkiLiG9izlE7Z8XenRXo6KclOtvDjzmx5HjpSBGAlUat1sIbnIM-FA8Rz6VGuGGTjaOArE0mKhAqj3Xc9epgkMAxs5nKU6ip6AUFQ0cPvph3MRqjQNYM8nwPT-IrSyaQt6L-PIUoXucLtoBLMlR6XhRa2o9qlG2Y0Aw7S9rkSuHtmyTun5YvVHH-hiEmzHCBeYZPaO4kiFnn6X8A9wbnKICNkENugR8DY1_V2wQijelikB_MpLGjvXfJ_slvEI_EXksgMLUSzC54MLq_fJdhnTdEfrJjYOdxQDqn0HDMMx3A8VsomWFzxNpKOM_MCFC21tEXZE3PL17NHdLZcwxeHX0gW43A2Nlg0U-pMyN0tZtDhkFiZVvBViqb-E7Hb3o__9me63tU8_1RMF0iDGCLS5m7-skZ9w5loP8hEjeUdG9pkvVvxWPiAyBRr4s-YBlgZOeeZGNO3oLqM4LORVmhtVu-xnjZ_YDFqsvAUCDtZ1cDhst43UmfM7EJyhWEwAz_pmQMJA7wbOGXQ30FEE0uvUDv5BGpGrmDbi5jF99aayiV_9N-_4hvm-53AGaRS4xLuFw3--R06ZFotvo0WmL-Cnyqu880tNHDYxX0TKlbZYtW3Fxn-Ge7IWp2YMNYcmax-3RcIAJDL9Z0xj3k4zg_PMc4-Dd8-8mSWDV9i0zXdkPooXOP3C6ORhjeoWKeKnlKanVB8BAtSxL2iiG5N5uZqGdRw4ASSDXDManvkvERfl_ZfHNDH23-jAEc38iOzOgDY-1XToOVhGnm7uHRCdP9hyBw1peJS4ZrFDMDNESvJst_Gb2SfwxSIvPFNRj-peiauqlMj31IAV1IALPvk1uESJFxCHfOawjdoamKyuCiPPwO1dzZEib6N60AHVXCcFjYZRGf_7RLNaibeKbyEhZvmPCfaPaUvLrCuwk9tmrDmRMlyKMj68TQZetcBSdmqXdM6LR1F_ct6af7puWstrRYNmJIGPnEbd4niz_kJqV8XC0NMqMeNkMaylCr5QzQ3YaVqbWt7BN039dZRN1G16BSI0VXtXBs1EnV3Zrg_1eH-B0NbNyujAAvzmqD_vdnAE6OpXOCysard_XSYZWJMhVvN5_YnbUfhmYUFvOuVhYL8KYlyKd4jE9bsn0Fmx1T_-hTofbvfB7J8V6r5Wp2TWaCC44I6k3L6fcvfybTy58lDkX292SfO3dWmSS1YtT1tVC2os1WXiK02DGiiMfgLYOKwp79D_-Mg1i0oVzwbc_xsvcYq8UoHhx53d0SNe0bYj_etD66-0TX_rb_lyZj_ZpMOXF6TxYHCZdC73LOqO68cmrMS3mxxyGwkRGErJeQ4N4ckQ2zgZFRuyChR2esI_AvaoWqqoKbJvf81dI9qAtZAbPgxDJR2EVGOJm-9dI_QFkqzU1EuWHkYC0BFsN1TDRGhLUoooopEIkKZdpUMade--pGLvUYz0BgWe4Ee2imFS7zPWpUa61RFErRL4IBiBPNKY34I2WFX2SKROqn4EMAEX29z8hH1L-KsL4OYdyxbocUhPe4XDBr6NuxH-3Pa3smT5_VSU398zYdmHaDpS-1OOhPuqq4kL24MpES0RMSOUfDiaeuPOyRVw72AwpmCaL5ErLjTQ9nePxDQ7HzI1I0Gy19iMqe8stE6jUa1uOzxufEMeibkXrNHJ_rcZ2BvzFRY1KuXUhHHnURHrL5bOY82__h6V9YfnOeZ9a-PSQ9WXPM6BsQp571UCUDzccVMRkuS7orzlv5tfG7V7iyJ0Ir6SFwEp9XGHjK3Ug3FafubXpzAmlErm6AUklIqCw-eJmB6n5w64naEE-QuHEaVR0X1PGOsHlK8XUJaIGvyT1xYSF0CssZ1JpnZJGLS2_Tlz0FNayxBletMTxB_rCpjaAG-N2xYT3OyyMxHnqSoDdu0aUElDX0ppfwZx6lVDB3A0HvV-C-ssrpCs3-v9_3hf6j6EwVFQrDWZot891TFIOnYyixVr_J4tZpuqcHWNWu1Ofg5pJ0X8gM7zk5n-0I-Ir0OL25achXlPLMV4i_PXfVFj0svzNBwtyLP0lWWJQfOkrKm24h1F1L9PGcRUijHl4gWPfRHys5aylDuczGWgKf09pDTkAxkAc095_w3yHYSPHZcQTqO-VZ4FEEkYzGD37iNRCQGcfGGRcWyktUEkyx1SpfOjk_T2FUqZPiBbWuH9BbwuMpf2O0QeljaUhDr8VeBVcAnBpenyTZCgb4SQt99tN9jZ5u1cG9v0Zx3kzINlZQ8Ir31fbN7M6N8-EQLa1Admdwux8KpwD0ewI4KUCNOjKDZn1lMk5uIs76gra9MoW5Ow3CAweiXL6D3DygJtLekVAHTOkF6SC_G0zbj4iXXjxmTHFrIzIZpk7zUXYumMtFyDYra2R38mdIx8vZb-MuURso1u1yvZFcEORrefRd34WW1qOtIHWHvfAbMxjDK72RH6JU5MvJBPmkfN8mgKh9EZZmS2f1G6QmNMOe_n0qhsK91zeqlq7ShFmgdOh3We72guChoCnW2tmF_e8OhWAqXMtIGb5_1FAgVXug-iS7tabngY2kjeFBFkVjYImZzayRVMK1qbi3dATnupi3ac5_x_sfXHXlyfxYR7hjJIsj4gPAnuCWazidVe3s2lI6oti8BH0uaVx6ykVK7E5WuG7aXSc_3mELAFj3quOOCqQ7ZVoGyrQKdQJIewGbCXl4cQKHCMkLl61snEciVpcEs1L-pYX3m73CQE1dcG6UWfh56ykYrPf0vMlSjG_CGW4NLmquiAH4qNbiZ-HXN11q47oM71c5nOfeEyIfSxl0LWLqB801ZikChmuzyhlwTp7eo4MZ04YTCF6-FKBii1QjdsUxHUWyU7EPufvs8SfsW3c5A5Ts0XZNiERMnw34PpQ8FbXGWzcAcELBAwe3Vz5CE0gee1tQwZkuCz5SZElhlEKmoLJ2hEc7_SyoMFXyI6jTyOxHU9wbkgOmgGSfc9EWCylUJb92M5UDqa9JYLK3mvVuzvPDDoQCc6K30SF5asI9vPAWG3nNJiR4p4JPaxVLq7TqECmJQcefc6KuZqw_uWwR3SRe4bWR4HfH04h_zM9zPdShNuY_8T-i7-0umnTuINt_q15reDMJ42LrBg61AJYyDc8PXFa_KUuT5lieBpVX0uBoxCAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgE2AB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:16:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame ADBF 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWE_2IoJBVX18ApNzkza4qb09D_agtQ_XCfJponayjbAnDMIi8&d=CokBAKAmf-AM7fb5G70dpSJebuf1tdzKY0clLseYU_5PtHwM68h60todJbmK5NXMn6ozXw5zklRpX5Mq1Qg97FnMqDWkHh6vVbrlSVuMdsALeitbAG6wVNHb665scm7641cK4bTDViksQ4eAtMrTX00kb738itlLudOW1LHY4nUI9MBUS4TUJF9gghgSyRQAoCZ_4FyhB4TdpkObijz49zRnzGBSZmz-ObJbooM3jxoC4t9AgSxs8SIf3u-VK0QJQQQJZCPNGmM_MhbtsD0sin-PU5PJ-HyLM-lL0NMwssOfXAvpADCaBJdX46S1hntiswkc3pLC567yZc4ItTFfvPRyCnkNYT5pYY19Mj_HZhAVcQivQxsKiVhKm2SI1rao3KwTk5V6qh3HUYgArIj_4Cf3kpolIGNv8m8oABCBrA61ciLu6uxBgAC94Cj8dVjIySBlmQRlzvafjtmPtyrfQDP9o7w0a2uU17xA4Lh3mdKHL9bxgh1P4NbElu6UHF16UH2qnSSiCnSi-rjS_NR2uoYx6jowo2JQ8-dfkiLiG9izlE7Z8XenRXo6KclOtvDjzmx5HjpSBGAlUat1sIbnIM-FA8Rz6VGuGGTjaOArE0mKhAqj3Xc9epgkMAxs5nKU6ip6AUFQ0cPvph3MRqjQNYM8nwPT-IrSyaQt6L-PIUoXucLtoBLMlR6XhRa2o9qlG2Y0Aw7S9rkSuHtmyTun5YvVHH-hiEmzHCBeYZPaO4kiFnn6X8A9wbnKICNkENugR8DY1_V2wQijelikB_MpLGjvXfJ_slvEI_EXksgMLUSzC54MLq_fJdhnTdEfrJjYOdxQDqn0HDMMx3A8VsomWFzxNpKOM_MCFC21tEXZE3PL17NHdLZcwxeHX0gW43A2Nlg0U-pMyN0tZtDhkFiZVvBViqb-E7Hb3o__9me63tU8_1RMF0iDGCLS5m7-skZ9w5loP8hEjeUdG9pkvVvxWPiAyBRr4s-YBlgZOeeZGNO3oLqM4LORVmhtVu-xnjZ_YDFqsvAUCDtZ1cDhst43UmfM7EJyhWEwAz_pmQMJA7wbOGXQ30FEE0uvUDv5BGpGrmDbi5jF99aayiV_9N-_4hvm-53AGaRS4xLuFw3--R06ZFotvo0WmL-Cnyqu880tNHDYxX0TKlbZYtW3Fxn-Ge7IWp2YMNYcmax-3RcIAJDL9Z0xj3k4zg_PMc4-Dd8-8mSWDV9i0zXdkPooXOP3C6ORhjeoWKeKnlKanVB8BAtSxL2iiG5N5uZqGdRw4ASSDXDManvkvERfl_ZfHNDH23-jAEc38iOzOgDY-1XToOVhGnm7uHRCdP9hyBw1peJS4ZrFDMDNESvJst_Gb2SfwxSIvPFNRj-peiauqlMj31IAV1IALPvk1uESJFxCHfOawjdoamKyuCiPPwO1dzZEib6N60AHVXCcFjYZRGf_7RLNaibeKbyEhZvmPCfaPaUvLrCuwk9tmrDmRMlyKMj68TQZetcBSdmqXdM6LR1F_ct6af7puWstrRYNmJIGPnEbd4niz_kJqV8XC0NMqMeNkMaylCr5QzQ3YaVqbWt7BN039dZRN1G16BSI0VXtXBs1EnV3Zrg_1eH-B0NbNyujAAvzmqD_vdnAE6OpXOCysard_XSYZWJMhVvN5_YnbUfhmYUFvOuVhYL8KYlyKd4jE9bsn0Fmx1T_-hTofbvfB7J8V6r5Wp2TWaCC44I6k3L6fcvfybTy58lDkX292SfO3dWmSS1YtT1tVC2os1WXiK02DGiiMfgLYOKwp79D_-Mg1i0oVzwbc_xsvcYq8UoHhx53d0SNe0bYj_etD66-0TX_rb_lyZj_ZpMOXF6TxYHCZdC73LOqO68cmrMS3mxxyGwkRGErJeQ4N4ckQ2zgZFRuyChR2esI_AvaoWqqoKbJvf81dI9qAtZAbPgxDJR2EVGOJm-9dI_QFkqzU1EuWHkYC0BFsN1TDRGhLUoooopEIkKZdpUMade--pGLvUYz0BgWe4Ee2imFS7zPWpUa61RFErRL4IBiBPNKY34I2WFX2SKROqn4EMAEX29z8hH1L-KsL4OYdyxbocUhPe4XDBr6NuxH-3Pa3smT5_VSU398zYdmHaDpS-1OOhPuqq4kL24MpES0RMSOUfDiaeuPOyRVw72AwpmCaL5ErLjTQ9nePxDQ7HzI1I0Gy19iMqe8stE6jUa1uOzxufEMeibkXrNHJ_rcZ2BvzFRY1KuXUhHHnURHrL5bOY82__h6V9YfnOeZ9a-PSQ9WXPM6BsQp571UCUDzccVMRkuS7orzlv5tfG7V7iyJ0Ir6SFwEp9XGHjK3Ug3FafubXpzAmlErm6AUklIqCw-eJmB6n5w64naEE-QuHEaVR0X1PGOsHlK8XUJaIGvyT1xYSF0CssZ1JpnZJGLS2_Tlz0FNayxBletMTxB_rCpjaAG-N2xYT3OyyMxHnqSoDdu0aUElDX0ppfwZx6lVDB3A0HvV-C-ssrpCs3-v9_3hf6j6EwVFQrDWZot891TFIOnYyixVr_J4tZpuqcHWNWu1Ofg5pJ0X8gM7zk5n-0I-Ir0OL25achXlPLMV4i_PXfVFj0svzNBwtyLP0lWWJQfOkrKm24h1F1L9PGcRUijHl4gWPfRHys5aylDuczGWgKf09pDTkAxkAc095_w3yHYSPHZcQTqO-VZ4FEEkYzGD37iNRCQGcfGGRcWyktUEkyx1SpfOjk_T2FUqZPiBbWuH9BbwuMpf2O0QeljaUhDr8VeBVcAnBpenyTZCgb4SQt99tN9jZ5u1cG9v0Zx3kzINlZQ8Ir31fbN7M6N8-EQLa1Admdwux8KpwD0ewI4KUCNOjKDZn1lMk5uIs76gra9MoW5Ow3CAweiXL6D3DygJtLekVAHTOkF6SC_G0zbj4iXXjxmTHFrIzIZpk7zUXYumMtFyDYra2R38mdIx8vZb-MuURso1u1yvZFcEORrefRd34WW1qOtIHWHvfAbMxjDK72RH6JU5MvJBPmkfN8mgKh9EZZmS2f1G6QmNMOe_n0qhsK91zeqlq7ShFmgdOh3We72guChoCnW2tmF_e8OhWAqXMtIGb5_1FAgVXug-iS7tabngY2kjeFBFkVjYImZzayRVMK1qbi3dATnupi3ac5_x_sfXHXlyfxYR7hjJIsj4gPAnuCWazidVe3s2lI6oti8BH0uaVx6ykVK7E5WuG7aXSc_3mELAFj3quOOCqQ7ZVoGyrQKdQJIewGbCXl4cQKHCMkLl61snEciVpcEs1L-pYX3m73CQE1dcG6UWfh56ykYrPf0vMlSjG_CGW4NLmquiAH4qNbiZ-HXN11q47oM71c5nOfeEyIfSxl0LWLqB801ZikChmuzyhlwTp7eo4MZ04YTCF6-FKBii1QjdsUxHUWyU7EPufvs8SfsW3c5A5Ts0XZNiERMnw34PpQ8FbXGWzcAcELBAwe3Vz5CE0gee1tQwZkuCz5SZElhlEKmoLJ2hEc7_SyoMFXyI6jTyOxHU9wbkgOmgGSfc9EWCylUJb92M5UDqa9JYLK3mvVuzvPDDoQCc6K30SF5asI9vPAWG3nNJiR4p4JPaxVLq7TqECmJQcefc6KuZqw_uWwR3SRe4bWR4HfH04h_zM9zPdShNuY_8T-i7-0umnTuINt_q15reDMJ42LrBg61AJYyDc8PXFa_KUuT5lieBpVX0uBoxCAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgE2AB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 13:36:26 GMT
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame D456 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=27909197&plc=339172621&sid=6909169&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gxoaDEU_TLC-yrwwWBB015&c1=4845432&auorder=1008772347&aucmp=18508291121&aucrtv=430717651&auxch=1&pltfrm=1&ausite=52321546355&turl=http://zdorovia.com.ua/&aubndl=&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:53 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
generate_204
tpc.googlesyndication.com/ Frame 513A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?R59SZg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3A1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5lqhz9GROpGPczA9h3yWjcQfzmUSYh35DFfxODrUbGS6CVUSzR2f3RW65vxAGY5gvAQVf2oSes8QhwLlAVNozwDpouKggNP3viWOtIXcuQRueEoA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C3A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C3A1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3A1 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9272 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQnPDewQIY0ZbY1wEwAQ&v=APEucNWoKSQB8yD1lR1ckSzQyTUZW2g21uoJVvK3J2sd3OqXRLCpHPaUbTZqrjehdlkeXfMMJlCYnvCsGHYkWnMKJqmaIv24sw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C3A1 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfVv7qsIpn5ayhRs-24DBiX6F4rGThUd8GBdJ-eGLuL6q5O4dP5bwxZ20735svzV4fMq46obaRODGT-kEoUTmygjV5Qw&cry=1&dbm_d=AKAmf-AaNfQoFJCemqUOyxQrCrcDTdf4rOFlGGmEEofovw273sX_2FmKpy5cTE02aUsG4SNjnIWGwvUhcpqobPJZl8DKCZBcHtAkJWEEefqweLr_qhgXrTDypw4jJusEoE_nOGRcsB6kpfJuzRBNeK6dd_082uZ9pD0W9ipMsU2fH29XfFbxm30fgPj0gw0W8rLOQc28turxbpGgAQxf2eIH-se5PcdKeuk6SmY8kVl1ppTpIKZNhAiGGScGczUGjhhIzcs-XAt4tbBfCs6wfeSzG_uD8PSZZkApq4tnwkjU09gGN-DecMNhXsp8qG3zRjKscrO9MAcxFmaUQ-z7cxz13puxlkm1ITx6tiDFOCzBqUYakg-3wvMwGIivSDFEqVcIbIbeJVoHPwSmTxGkJ_cRrLM7D0HGMw3dPvJpjPcLGLOS1lCj6oUZWMaS24hhT-h9nr9sDM2BEqLB2nG5R75WgZ3mAko3h6BDhVVpu9xTJq20u0JHflrMuE_an8Vuxug9lwEDw6z3-rSXNLc2AA-01StbY44YAo_C4AxzcxWdz8NDBXR1O-e4tXlGkydXG-1U2ExYx_iae01QSKgRffdf-HBJVgapyTW1RrBY4AZZth8QZEIydHzdH0SFvyUpb2W6Ew7pHqF2YbcVsZ1C9fUiViVwOXamBsbJReujplhHISCihpr9eo6vfXMENCFueiXr5qh177nzhHth5wqZ_k1tqoOeN-UfauE44sTLtSermzbLo9ewOzJXkwHypx3TCIGTVjOKkPefrBRBzf5eQ5mNcclj87ljm26nQnW6_H-3Kpcm6BFncyArFUZu58U08Z21bEAmqPGBZyCRfPhZcfnXmIMhx0ZdXMGlPIyDX4I_X8kXwgSz7S6U08eqigvyadf9ez-Wum27dr_3Kn7tdWeudEI4ivL9AX5nO8Ah9iNDiMmhU8ZNDGN0sxuHwF96umEhPxIHtNio-VxGH7OEEcIxEylotvs8wpx299MJHD0lz3zIeuzSvQ08HKNJfecTjLrnVwSzDQEawngM4948AakhoFlCNfSlgjatdskL6Fbux80opct96yIxyopZYEyU8P-KwnET8hXc_zFbWSQSpfI9nwOLJhi0uUO6GcLdZsaRlx29qasPooW6j05ixhHzWLvC1WBJehN5EVoNh5wNgMwcmioWWvLUhrxjpI5h5yOFJ35UtggsbL_s_SW5lO9QyhoGyRIBjVf1XL7_Y8JCmOJHzvFCQnnd69Lo3X_6vDbXIJMcCilMuy6mSojMB8HB9ACMXx53F4irmIOhNhD6iWEnlD8X0UedIIlk39MuZKjg2GFLp5LTMuDwP1xkv_VG53nFxBVhlLh00NxU3Pwk4GGqb-sqfAdAMZwqx4JZjvMAWiSXTFOVpVTZzU9lTYQ9w9PAfMWfDb3JtMkVSGSGVdzKXVvLTGNa-9zTosNSRynjhUVCdt_qfuF5RG0nXJHskKAL8-rmgnz-fPxCeLOEn5_tiBhD7NQSZZi8nFePiYgI2mn_YGwmoImqv4oJJ392GwfM_I29ysegWnGA0PGjqdEnt8ISVZQbkn-pHtTgKL5A-GYVHKgDvMi6FfZPWFOEZnzP_vPWZDo1w8255PRSUZ0PUnorLABGbp8c7MJMtcGGdBZt4hss-RXCEYDKrJ5Q14Qp476gL3B4XuiweU2yQhVgb6tEPpBa3BUj5ruRcsVaSF1oY9W_KvQ-DYn4CU2jpfJHmSJ_OZvviRvMdMjr3JDhYFS1qcJc55kjxhcvD53GuxhIPjdKxIZ_-MJqOLwIZILDDbyUoaCa0HSmb9t2mA1-yRf5jzoUJxDc0HYaOPh81aTfAtv6WxOfDdsDUbpPfGTReWEG51BxCmK0Xyje_VgfnkPsfLhUoMGkxLdpoYHWolJpz4mET809WS4lv46gdGyWM-A5v66GK6oLUrnOV8f1iViaq1usLkaJiRHeD75WxeuBwj8U_X_nSmPVMs6i1KvHTCwxlu4YnMkzUXjiH61nY8zTKH3khmNZsyVgh1mL5NqYPYA6q7H2GDHe1xzRmLiFgbuA8hdOblf7npnyn-VFdx6iV-w59qBuYJgjPWz0SCTH1bf43R0bMVAPJABb7EZ27kmbIPsFhfqUTYHy14MR_OJU8Uh4DOTlLa5YHJiBc6vyamFwXCXv_JcdhXyC-CIgFIbjuRpZF34Qk2dfME4oALSZyjCj0tACtw8Kofml4LmqJvu8fZhAX4JMw0PWcmFFufAUixLmZslmVitOeOjVhlXNBy9Z8S_d0CgnFohRAujs3bhK9Gobq2WNuHyabv7yvX672rPN1w03mtv1td0Qp7XW1CjK6gLjBAdHVpSIHakxq7XRbBJysoe7QO5vuTMHQEDrXcNTFjUhumC8tmVKkWU_TSnxP8EgXzK6ofdx2IKD7lMgKP0E6Jkh126Occ8GxgOZ3Dyyd799cYc6zJeBxQ71LgPaedytSkpWb341XSe9RGvW9YulfvuJwhQ5zn94dK-XwYD-6p96405wSWPt5jl35rueVQsaedacuf6VJRGQ9y5MtU_qj2QPW9VAaHaMI5SmNDEpaox1D2vbJSWxIM9GtLKx2eWWL5INBdqtvy6E0-IaBow4EFp3UQ3Socre2RwC0u1H-bsxNl1AB2KZkTL1SVj75aXX3INdv7zpb1Yq3g_zeCkgEFluf3ZxRgjUKktsjNaW9EGQI68DocWbG3R5mOvzZVm0_bmTx2vot7lnLaahUJieQ7faPFRohxpdvS2jRVQes4vD0ODMghYp8rdlh7FosWCQi0p2C234RvGcOXJz5Nlx5Xy2UR_ILpSjCKFl5c9kjKQP_DClKeeMns4WifmOz8FOHR3e55JX_bT4T8KFnhsmDW5-yaxE7r1mhSx5twkZ_NyUrmYJskHMSDmvUwuikoXMdRjQp3sk4FutLO-e9sXA-1xDsXQihdngTebmeg6qUTt9-3ShLenvLKAMCId6-IvX2RwT_nu0_SSAv5lc51tgVUbkPWlp22VN6_fOdBJTugmaLxar7CMMFhN1VcwmuD8z2Z3hRTfkqLS8BLLSKgZ4vcC79z9xWJvF-nesGLltzY7Bj9e7quM2lfCI9GZ0T0uPHQabm9RjzYgh0mzXJoe89-YArJGvgPMPGbXBvT_LaB4cTtsokK7yzjM8AdTW-BtVJ4u3r0Vk3ewtcSUARszkdVvfks4_APqwaFpMUzUfBbZ26z9ekgu7Mkp4lRNJ5BvmhT0JoBhgym65STzPg5y2iDoJ67gTQqX60ddcfT8NK8Zouum7fhUVCyOkIfPNZEPR2-i52Rr5OzkXPHcb8ejKhry2H7CE0jwh1hGNvFgE&cid=CAQSKQDq26N9K4gXLc0cWVk3wbrfAnSeL65KiewOlFx-SblulbAwQSDhx563GAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64cb32ed9eaa927a2ae4a80f89db64a205543f0c88570271cf416a5b0789502f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34851
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame D456 		443 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_742070962654&jsTagObjCallback=__tagObject_callback_742070962654&num=6&ctx=25334725&cmp=27909197&plc=339172621&sid=6909169&advid=&adsrv=&unit=300x250&isdvvid=&uid=742070962654&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0gxoaDEU_TLC-yrwwWBB015&aucmp=18508291121&aucrtv=430717651&auorder=1008772347&ausite=52321546355&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=http://zdorovia.com.ua/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&aUrlD=1&m1=13&noc=4&fcifrms=25&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau7%3A%3D6%5D25A2CE%3F6C%5DAC%40Tau&dvp_exetime=5.60&aubndl=&callbackName=__verify_callback_742070962654
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
b2ed9be156e0197fd74963e34335e177410163848ebaa40a7a455e7e12667c44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:54 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:54
activeview
pagead2.googlesyndication.com/pcs/ Frame 0672 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgTcpf_TGNFRYNuBT1yPoqQS6bogKmSfpAnQRjj1LVI3HxokRRmWy7BJpKfwQFZGkjGkjKy5QNRwtFRnwwUoRmL77yYL4camqpqA4mJDwjzaBEtfQOvbgiKUTy7hkMpb0IB6HWFcIW_ZGhPj5Qq6kQy4NP0D-VIhTY2g&sai=AMfl-YQjbsyoa5XaNGyLZemw9mPbo0A2UDcEadZaHZTiKGiIuThYQOBG0lD4VjKUojqyN0FAujMs7qC92Pykj7FMGVfvphnsiErPsLjg7A&sig=Cg0ArKJSzFnhMFeiNUdFEAE&cid=CAQSKQDq26N9sfDzHRxk7XfVC-8GpQjZxAJcmjd8sS0FncdEAG7LQUTZorctGAEgEw&id=lidar2&mcvt=1082&p=0,0,200,240&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&rst=1669172092611&rpt=430&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6F24 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
398893
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 3D91 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3D91 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1590 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68ce5e6b058eda223db621959ba983469abd481a2f9968fde08c42464fe225ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8000
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2ad507245d0858967d08e4465973290ea279594e442db3e03c28387aba2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:54 GMT
expires
Thu, 23 Nov 2023 02:54:54 GMT
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame ADBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiXP0A91-1SFGihh7EHzyNtvaEFt7A-X2hN5RlrxWBX5eU96kmme9XDt-gTZKPnFmbeSsTt4H5df0hh5v9xXp_Jp7Djf-YD33fNjzRxEqzM5kJHAxO1gT61-Ka7THExY5AsnooYvZpeGTs6tdy1nJkrINO1k0yVLU&sai=AMfl-YRqhiGe2-PZHM1oM87zwP8dZ9JyhVU113k7gsUs_jZozovqZIvWnFTZV48gcf3RFdRiTPnbJ5gc8B9cbbU9WLiGvU-5rGkVnkxmtB6G&sig=Cg0ArKJSzIIcXLTF8HfKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=373&cbvp=1&cstd=365&cisv=r20221110.80635&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:54 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C279 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C3A1 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 11:55:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame C3A1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfVv7qsIpn5ayhRs-24DBiX6F4rGThUd8GBdJ-eGLuL6q5O4dP5bwxZ20735svzV4fMq46obaRODGT-kEoUTmygjV5Qw&cry=1&dbm_d=AKAmf-AaNfQoFJCemqUOyxQrCrcDTdf4rOFlGGmEEofovw273sX_2FmKpy5cTE02aUsG4SNjnIWGwvUhcpqobPJZl8DKCZBcHtAkJWEEefqweLr_qhgXrTDypw4jJusEoE_nOGRcsB6kpfJuzRBNeK6dd_082uZ9pD0W9ipMsU2fH29XfFbxm30fgPj0gw0W8rLOQc28turxbpGgAQxf2eIH-se5PcdKeuk6SmY8kVl1ppTpIKZNhAiGGScGczUGjhhIzcs-XAt4tbBfCs6wfeSzG_uD8PSZZkApq4tnwkjU09gGN-DecMNhXsp8qG3zRjKscrO9MAcxFmaUQ-z7cxz13puxlkm1ITx6tiDFOCzBqUYakg-3wvMwGIivSDFEqVcIbIbeJVoHPwSmTxGkJ_cRrLM7D0HGMw3dPvJpjPcLGLOS1lCj6oUZWMaS24hhT-h9nr9sDM2BEqLB2nG5R75WgZ3mAko3h6BDhVVpu9xTJq20u0JHflrMuE_an8Vuxug9lwEDw6z3-rSXNLc2AA-01StbY44YAo_C4AxzcxWdz8NDBXR1O-e4tXlGkydXG-1U2ExYx_iae01QSKgRffdf-HBJVgapyTW1RrBY4AZZth8QZEIydHzdH0SFvyUpb2W6Ew7pHqF2YbcVsZ1C9fUiViVwOXamBsbJReujplhHISCihpr9eo6vfXMENCFueiXr5qh177nzhHth5wqZ_k1tqoOeN-UfauE44sTLtSermzbLo9ewOzJXkwHypx3TCIGTVjOKkPefrBRBzf5eQ5mNcclj87ljm26nQnW6_H-3Kpcm6BFncyArFUZu58U08Z21bEAmqPGBZyCRfPhZcfnXmIMhx0ZdXMGlPIyDX4I_X8kXwgSz7S6U08eqigvyadf9ez-Wum27dr_3Kn7tdWeudEI4ivL9AX5nO8Ah9iNDiMmhU8ZNDGN0sxuHwF96umEhPxIHtNio-VxGH7OEEcIxEylotvs8wpx299MJHD0lz3zIeuzSvQ08HKNJfecTjLrnVwSzDQEawngM4948AakhoFlCNfSlgjatdskL6Fbux80opct96yIxyopZYEyU8P-KwnET8hXc_zFbWSQSpfI9nwOLJhi0uUO6GcLdZsaRlx29qasPooW6j05ixhHzWLvC1WBJehN5EVoNh5wNgMwcmioWWvLUhrxjpI5h5yOFJ35UtggsbL_s_SW5lO9QyhoGyRIBjVf1XL7_Y8JCmOJHzvFCQnnd69Lo3X_6vDbXIJMcCilMuy6mSojMB8HB9ACMXx53F4irmIOhNhD6iWEnlD8X0UedIIlk39MuZKjg2GFLp5LTMuDwP1xkv_VG53nFxBVhlLh00NxU3Pwk4GGqb-sqfAdAMZwqx4JZjvMAWiSXTFOVpVTZzU9lTYQ9w9PAfMWfDb3JtMkVSGSGVdzKXVvLTGNa-9zTosNSRynjhUVCdt_qfuF5RG0nXJHskKAL8-rmgnz-fPxCeLOEn5_tiBhD7NQSZZi8nFePiYgI2mn_YGwmoImqv4oJJ392GwfM_I29ysegWnGA0PGjqdEnt8ISVZQbkn-pHtTgKL5A-GYVHKgDvMi6FfZPWFOEZnzP_vPWZDo1w8255PRSUZ0PUnorLABGbp8c7MJMtcGGdBZt4hss-RXCEYDKrJ5Q14Qp476gL3B4XuiweU2yQhVgb6tEPpBa3BUj5ruRcsVaSF1oY9W_KvQ-DYn4CU2jpfJHmSJ_OZvviRvMdMjr3JDhYFS1qcJc55kjxhcvD53GuxhIPjdKxIZ_-MJqOLwIZILDDbyUoaCa0HSmb9t2mA1-yRf5jzoUJxDc0HYaOPh81aTfAtv6WxOfDdsDUbpPfGTReWEG51BxCmK0Xyje_VgfnkPsfLhUoMGkxLdpoYHWolJpz4mET809WS4lv46gdGyWM-A5v66GK6oLUrnOV8f1iViaq1usLkaJiRHeD75WxeuBwj8U_X_nSmPVMs6i1KvHTCwxlu4YnMkzUXjiH61nY8zTKH3khmNZsyVgh1mL5NqYPYA6q7H2GDHe1xzRmLiFgbuA8hdOblf7npnyn-VFdx6iV-w59qBuYJgjPWz0SCTH1bf43R0bMVAPJABb7EZ27kmbIPsFhfqUTYHy14MR_OJU8Uh4DOTlLa5YHJiBc6vyamFwXCXv_JcdhXyC-CIgFIbjuRpZF34Qk2dfME4oALSZyjCj0tACtw8Kofml4LmqJvu8fZhAX4JMw0PWcmFFufAUixLmZslmVitOeOjVhlXNBy9Z8S_d0CgnFohRAujs3bhK9Gobq2WNuHyabv7yvX672rPN1w03mtv1td0Qp7XW1CjK6gLjBAdHVpSIHakxq7XRbBJysoe7QO5vuTMHQEDrXcNTFjUhumC8tmVKkWU_TSnxP8EgXzK6ofdx2IKD7lMgKP0E6Jkh126Occ8GxgOZ3Dyyd799cYc6zJeBxQ71LgPaedytSkpWb341XSe9RGvW9YulfvuJwhQ5zn94dK-XwYD-6p96405wSWPt5jl35rueVQsaedacuf6VJRGQ9y5MtU_qj2QPW9VAaHaMI5SmNDEpaox1D2vbJSWxIM9GtLKx2eWWL5INBdqtvy6E0-IaBow4EFp3UQ3Socre2RwC0u1H-bsxNl1AB2KZkTL1SVj75aXX3INdv7zpb1Yq3g_zeCkgEFluf3ZxRgjUKktsjNaW9EGQI68DocWbG3R5mOvzZVm0_bmTx2vot7lnLaahUJieQ7faPFRohxpdvS2jRVQes4vD0ODMghYp8rdlh7FosWCQi0p2C234RvGcOXJz5Nlx5Xy2UR_ILpSjCKFl5c9kjKQP_DClKeeMns4WifmOz8FOHR3e55JX_bT4T8KFnhsmDW5-yaxE7r1mhSx5twkZ_NyUrmYJskHMSDmvUwuikoXMdRjQp3sk4FutLO-e9sXA-1xDsXQihdngTebmeg6qUTt9-3ShLenvLKAMCId6-IvX2RwT_nu0_SSAv5lc51tgVUbkPWlp22VN6_fOdBJTugmaLxar7CMMFhN1VcwmuD8z2Z3hRTfkqLS8BLLSKgZ4vcC79z9xWJvF-nesGLltzY7Bj9e7quM2lfCI9GZ0T0uPHQabm9RjzYgh0mzXJoe89-YArJGvgPMPGbXBvT_LaB4cTtsokK7yzjM8AdTW-BtVJ4u3r0Vk3ewtcSUARszkdVvfks4_APqwaFpMUzUfBbZ26z9ekgu7Mkp4lRNJ5BvmhT0JoBhgym65STzPg5y2iDoJ67gTQqX60ddcfT8NK8Zouum7fhUVCyOkIfPNZEPR2-i52Rr5OzkXPHcb8ejKhry2H7CE0jwh1hGNvFgE&cid=CAQSKQDq26N9K4gXLc0cWVk3wbrfAnSeL65KiewOlFx-SblulbAwQSDhx563GAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:16:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C3A1 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfVv7qsIpn5ayhRs-24DBiX6F4rGThUd8GBdJ-eGLuL6q5O4dP5bwxZ20735svzV4fMq46obaRODGT-kEoUTmygjV5Qw&cry=1&dbm_d=AKAmf-AaNfQoFJCemqUOyxQrCrcDTdf4rOFlGGmEEofovw273sX_2FmKpy5cTE02aUsG4SNjnIWGwvUhcpqobPJZl8DKCZBcHtAkJWEEefqweLr_qhgXrTDypw4jJusEoE_nOGRcsB6kpfJuzRBNeK6dd_082uZ9pD0W9ipMsU2fH29XfFbxm30fgPj0gw0W8rLOQc28turxbpGgAQxf2eIH-se5PcdKeuk6SmY8kVl1ppTpIKZNhAiGGScGczUGjhhIzcs-XAt4tbBfCs6wfeSzG_uD8PSZZkApq4tnwkjU09gGN-DecMNhXsp8qG3zRjKscrO9MAcxFmaUQ-z7cxz13puxlkm1ITx6tiDFOCzBqUYakg-3wvMwGIivSDFEqVcIbIbeJVoHPwSmTxGkJ_cRrLM7D0HGMw3dPvJpjPcLGLOS1lCj6oUZWMaS24hhT-h9nr9sDM2BEqLB2nG5R75WgZ3mAko3h6BDhVVpu9xTJq20u0JHflrMuE_an8Vuxug9lwEDw6z3-rSXNLc2AA-01StbY44YAo_C4AxzcxWdz8NDBXR1O-e4tXlGkydXG-1U2ExYx_iae01QSKgRffdf-HBJVgapyTW1RrBY4AZZth8QZEIydHzdH0SFvyUpb2W6Ew7pHqF2YbcVsZ1C9fUiViVwOXamBsbJReujplhHISCihpr9eo6vfXMENCFueiXr5qh177nzhHth5wqZ_k1tqoOeN-UfauE44sTLtSermzbLo9ewOzJXkwHypx3TCIGTVjOKkPefrBRBzf5eQ5mNcclj87ljm26nQnW6_H-3Kpcm6BFncyArFUZu58U08Z21bEAmqPGBZyCRfPhZcfnXmIMhx0ZdXMGlPIyDX4I_X8kXwgSz7S6U08eqigvyadf9ez-Wum27dr_3Kn7tdWeudEI4ivL9AX5nO8Ah9iNDiMmhU8ZNDGN0sxuHwF96umEhPxIHtNio-VxGH7OEEcIxEylotvs8wpx299MJHD0lz3zIeuzSvQ08HKNJfecTjLrnVwSzDQEawngM4948AakhoFlCNfSlgjatdskL6Fbux80opct96yIxyopZYEyU8P-KwnET8hXc_zFbWSQSpfI9nwOLJhi0uUO6GcLdZsaRlx29qasPooW6j05ixhHzWLvC1WBJehN5EVoNh5wNgMwcmioWWvLUhrxjpI5h5yOFJ35UtggsbL_s_SW5lO9QyhoGyRIBjVf1XL7_Y8JCmOJHzvFCQnnd69Lo3X_6vDbXIJMcCilMuy6mSojMB8HB9ACMXx53F4irmIOhNhD6iWEnlD8X0UedIIlk39MuZKjg2GFLp5LTMuDwP1xkv_VG53nFxBVhlLh00NxU3Pwk4GGqb-sqfAdAMZwqx4JZjvMAWiSXTFOVpVTZzU9lTYQ9w9PAfMWfDb3JtMkVSGSGVdzKXVvLTGNa-9zTosNSRynjhUVCdt_qfuF5RG0nXJHskKAL8-rmgnz-fPxCeLOEn5_tiBhD7NQSZZi8nFePiYgI2mn_YGwmoImqv4oJJ392GwfM_I29ysegWnGA0PGjqdEnt8ISVZQbkn-pHtTgKL5A-GYVHKgDvMi6FfZPWFOEZnzP_vPWZDo1w8255PRSUZ0PUnorLABGbp8c7MJMtcGGdBZt4hss-RXCEYDKrJ5Q14Qp476gL3B4XuiweU2yQhVgb6tEPpBa3BUj5ruRcsVaSF1oY9W_KvQ-DYn4CU2jpfJHmSJ_OZvviRvMdMjr3JDhYFS1qcJc55kjxhcvD53GuxhIPjdKxIZ_-MJqOLwIZILDDbyUoaCa0HSmb9t2mA1-yRf5jzoUJxDc0HYaOPh81aTfAtv6WxOfDdsDUbpPfGTReWEG51BxCmK0Xyje_VgfnkPsfLhUoMGkxLdpoYHWolJpz4mET809WS4lv46gdGyWM-A5v66GK6oLUrnOV8f1iViaq1usLkaJiRHeD75WxeuBwj8U_X_nSmPVMs6i1KvHTCwxlu4YnMkzUXjiH61nY8zTKH3khmNZsyVgh1mL5NqYPYA6q7H2GDHe1xzRmLiFgbuA8hdOblf7npnyn-VFdx6iV-w59qBuYJgjPWz0SCTH1bf43R0bMVAPJABb7EZ27kmbIPsFhfqUTYHy14MR_OJU8Uh4DOTlLa5YHJiBc6vyamFwXCXv_JcdhXyC-CIgFIbjuRpZF34Qk2dfME4oALSZyjCj0tACtw8Kofml4LmqJvu8fZhAX4JMw0PWcmFFufAUixLmZslmVitOeOjVhlXNBy9Z8S_d0CgnFohRAujs3bhK9Gobq2WNuHyabv7yvX672rPN1w03mtv1td0Qp7XW1CjK6gLjBAdHVpSIHakxq7XRbBJysoe7QO5vuTMHQEDrXcNTFjUhumC8tmVKkWU_TSnxP8EgXzK6ofdx2IKD7lMgKP0E6Jkh126Occ8GxgOZ3Dyyd799cYc6zJeBxQ71LgPaedytSkpWb341XSe9RGvW9YulfvuJwhQ5zn94dK-XwYD-6p96405wSWPt5jl35rueVQsaedacuf6VJRGQ9y5MtU_qj2QPW9VAaHaMI5SmNDEpaox1D2vbJSWxIM9GtLKx2eWWL5INBdqtvy6E0-IaBow4EFp3UQ3Socre2RwC0u1H-bsxNl1AB2KZkTL1SVj75aXX3INdv7zpb1Yq3g_zeCkgEFluf3ZxRgjUKktsjNaW9EGQI68DocWbG3R5mOvzZVm0_bmTx2vot7lnLaahUJieQ7faPFRohxpdvS2jRVQes4vD0ODMghYp8rdlh7FosWCQi0p2C234RvGcOXJz5Nlx5Xy2UR_ILpSjCKFl5c9kjKQP_DClKeeMns4WifmOz8FOHR3e55JX_bT4T8KFnhsmDW5-yaxE7r1mhSx5twkZ_NyUrmYJskHMSDmvUwuikoXMdRjQp3sk4FutLO-e9sXA-1xDsXQihdngTebmeg6qUTt9-3ShLenvLKAMCId6-IvX2RwT_nu0_SSAv5lc51tgVUbkPWlp22VN6_fOdBJTugmaLxar7CMMFhN1VcwmuD8z2Z3hRTfkqLS8BLLSKgZ4vcC79z9xWJvF-nesGLltzY7Bj9e7quM2lfCI9GZ0T0uPHQabm9RjzYgh0mzXJoe89-YArJGvgPMPGbXBvT_LaB4cTtsokK7yzjM8AdTW-BtVJ4u3r0Vk3ewtcSUARszkdVvfks4_APqwaFpMUzUfBbZ26z9ekgu7Mkp4lRNJ5BvmhT0JoBhgym65STzPg5y2iDoJ67gTQqX60ddcfT8NK8Zouum7fhUVCyOkIfPNZEPR2-i52Rr5OzkXPHcb8ejKhry2H7CE0jwh1hGNvFgE&cid=CAQSKQDq26N9K4gXLc0cWVk3wbrfAnSeL65KiewOlFx-SblulbAwQSDhx563GAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 13:36:26 GMT
dv-measurements3225.js
cdn.doubleverify.com/ Frame 1BEF 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3225.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a525c52ebccd4a3e95e0bb433242298300312acc3e5ea424e87429d82e0c695

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 09:55:39 GMT
Server
Microsoft-IIS/10.0
ETag
"809f579358fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107051
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D436 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
65565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Wed, 23 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ADBF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdca945e53e22f07741a3ad330c2ef07699d9befcf6670f6a6d9d9d611747ee6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements3225.js
cdn.doubleverify.com/ Frame 6026 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3225.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a525c52ebccd4a3e95e0bb433242298300312acc3e5ea424e87429d82e0c695

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 09:55:39 GMT
Server
Microsoft-IIS/10.0
ETag
"809f579358fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107051
adj
bid.g.doubleclick.net/xbbe/creative/ Frame D456 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVjUkJRtXXktYacILFSYLGXnYN9lZz4X41S-VF6APns31KpuyQ&d=CokBAKAmf-BZK28ntiyyIu2PO2jWsVGsoRg1DAFadhaoQwoa-x1qVqd6EyYapbOZEerLRHnuWZmElq1hRym9GqcNclKji5GMU-At_Fi7DD65zfGPulrMQIC4GxHhjCvDUs-V08WxiaFYtGDdzMgodNDj2dlnfrgcjTlTCmEJJnD9sBIwotNRlzXieggSuRMAoCZ_4Cs-pDkU0RL9P2iTd1YkcL3rxkDXV8dyqF0gTArXO6EiAhcSPgBj6dCGlpMu4oZCcVrEXSbfcSxJtTVuFl7Zlqx2Yn2FdqELnxY5WIeqtselXU5MtEqzmrxYHmLhwaS0HznuvNKmkiz_G2C3ditBBbwE0ot29knDjGzHNEANZvB6jBSBujhXDvM-jXLiPaB0zoxOkuA7CCd2CsUrynbnaNsfPyY0MNXovIiew7C68mVvuFspNz1iukIMqmg9gg_O4hZJ0dulwPXLMO-Qap-US6FV8A6rZYmqHOrmfQ9BpuRFRo1FISmi4vMwDpS6NRtU5e_sAc5Mn3oUMxbUhrndNpGsEytJ3jZufOLrMo6AIrlp_PRxGzZ9ePDZnlS3joiVCNFkoEuyK1XAcy_zQg6rDl6hTSdEOAnao7SbjWXXdbCmQte0u9LMF-Zdat0rUEs575FmF73WSj_YDqatFrGPcs0YLC12xjNnGWiwxtdr-1li8VHltv0D5x4s3rcgfGgJ1dcMsV7xxzTpyXwPFpnJwf4Mg9oFonTivcq28emIn4I9741RuFYoYGaul_NfCYha3g6JXOiTGPJUH7ZvPPCR50ol2LrVJZB4Q4XnWTbxr7Cehni0RAbvDe7X6QMvbEPAtYB2SqNvvQ2pF8I939YeWfc5gjx3xM3SewNIiF5vUYDtCbzISPrkfOhazkzqgoMotxueOIVpPq-9aN-27WaHr3UFy4Cg5x0XU81RwglbUFBHxSBJc98QfYkzNDkCubOn7MDq585jdhv7ZiBw9bMn4b1k6VkGGhVV5ofBwUvl-SYFlykUUKun2pd4kZM6wuTdG5X82PJ1Tm_Zw9ljD2kM5VEGLy3Sv3n3Z3GhzsNfSYxRStL-n_2kDruUWNtNdt0PTs1IDUyShlrUV12OqO33yutDtr2hYOtGceHqSFqtmbuf4nrbiXkecVNC0-AyIPZM_5glQCkUAGlPiEKF_3zWzy-5MN8I3y28YJEVP76Amcocrp3HAhiz9iAqvuoW9LscYYBIgbTIONIHahj2onTaztgsPRTUi6pIxVMlPy6VZ8K2x7x_ZaBQY7IXdsBAvqMZfJ0u-btRppYiLPtLZu0TMfHbrCCwykwBH0y-5rRijmFzdy5F3A0geNREOmHqKXfb4cHYP5ovqLPH6pxAjp2FCF5EhWo8B8WdDn3LiuJEiFTiecqXM5C4Or1fJiGASRpcJDmi8-moYSAyDlR2gyYBUmgm8R3AFvd_s10sDXJwmccXXiQokZlAbH1LLJD2FSDLzc8-RSp3KaU-XImBc5hmrFBJRcogFlYepMuV1ExJurBCaIr_sNf-42LjqDgb3MyTm7gOLSP022V2U7M27X7-hQb_H19mMU5qwOCSBtzcfkZF3PUvshtjhWCTa0tld6uFtiWDjI2xJ6eI8BLUl2VYVAWqXjiKNPa0oyZ9sf_jjZdSCNQ9OfrEFIyMyqK1Ejpc14Uug1kk-pgMnOxXzE8ompmgdtTLIh7geN2JVmPyClU_OT2ksgjRQ-dV0DVlhKlkLYsaKXG0M0sKXMaZhyvzMdGU5gT8GOtyFOOm49PQeQzNcdNV3mrWk4QaBQyLJPoXQbSxwtAGuXYaRMYZ2PM4ZPf1xgxfR_-_WuAM9vxH_2HZRq9JyQYwIpizUpmBwzmC1oko9BJSBZNTfncNikzepxnjlUj4tXJQoWG7w5kM5mPpLYOaIH2penDv2ghcl_ZEMmeiL3OnKO3r_KbgKCCJ8PCHDkiK9phOWfsDDXOFsapAfk425PE-iKwm4TPno4_TYSuyhVf-8Y0FGtCMHqbiSgZMBJF5kUn1sAuPxnMKSiuiZnwdUxJhTZlQr9lyILpYWJUFn5bIwAuE1p93YU-ee4hanUzQv9hTHiUYkhGZsR9Lwd9LfRHgASM-7UVTuWEYC5BZYpA559LNyCjvX96J0wYLs6dIImS9ZAz7-oXPgtXBqmonE_g-YxJTxALfoSv3ba68PyahBgR0F4CtX3XJIPoKBHZ0hwoqddaGbehAqBguj9SoD_636xG9hu7ZymfnWT6yjGXUu9PmgSwRJtDq1TDqsXH-whEXM1VliQ7pA5upVGJf9uHS3wperL6_Y8Kr4rqkziAl63JMVVUn5AXkZKu8yQsmR2Ppvy-o528OONLBONE4EHGToqArlYCEv6PeSmG36Jeg-DbeOSnwQtXV17Ku9QM47FYUC0_pKy7JDfH9VaamNv3kRhRyeTcfruGqx1CnPXGVL4SH9iU3TAvDUmvp3xKxQKOkNXnU7asnwOVf_1X7z8uLxxZIeVXZKYNyizBNgZP9UDyjdY5XmDvHZ0YAYbmbrstHahziwZjJRGpZCGBvhLFmc15qiu-aPvQdOnM8tRPkQ9LAjGDjzKw6nu-h0olYZA7tmzNyDCoZpeVfygTfCpQyYzrPuWozKP94v-ZvuJL2AsjgEtP2y1dL4WIp5WfYaaAXOsON_b_xvhtAd-y4v0EVwUJeB5CWcNy1nX2sFcQd0MkHIUG2IaGaBCdwYRG5eiL1rFqcs4gd733rkyO1JW23joRkO0_sk_D57mhLCAQqdTLBRKLsxj6-Ih6eBLS-NVgfFrDlhmboqDKb1aa3FADDN8Hx3uDuXfUr0ata59mhuqJVVTZujjSVtdZN9CemC67XAgAJNU-v992ziNTxveEXkC6tqb63schpVUIjOri6_rT0CLYdCNHut2NAAQisdNmARD1j5FVx3AdHSZJxbEWBM9k_QJCPxPYsDM3H6JVod7Q9I0fkRK6MtjT_3RhN5UwhLN03ny3KUQPMNR2dG9GXpZxn3G8y4yXb4Q50utftIXqVf1Zah8K322uqK9Ds_Te4nf7P2BjElZhz0SJCmNAPxx0UYM_KSEIWxlKaZPXcPqACHfMPhd5U14mGAdL3cQ8_NFhw6po8HnikQ2B10-1VXCqaG-gJjOQ56VOwDRcnAdcclxCCAv41OyM-dB17jkTGP3jPNE_8ZO5YV5yxjfOKQdbobgkEq3iJvOSufGv8VI850t4YVm8GfBzqZLYK5SWd02y0xUHU-X1Gb3kXomjlNluAYQoAk47Civt4pau0j9sF3aZQHtPTHcJeHzGlpvMUNs5Q9o2v-tiin74Gv3qMphiFLDh76voT9URq6a0wciV1t-LF2Iyg5tCK-rBcQEyRn1cFhIa84m-ZrXIGqpxor31CfkMPa99l0Ln5u311x1UzS3hYCWQ4NJC6A_ypmiNzvNIxPYle6kdtAXnNuSO8uIg2ARdG6QLZrnfImocUev3CBjVmBlbb5NuopCAu5Ky_cHVvvcnWh0osb1rJ7xpECAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBNgAQ
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
cafe /
Resource Hash
9a1e4bc172b3058865cfe10541ed9e1db75bfb03e5ef235e8da5e577b75056b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23710
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1590 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9Lk74pxZrZISI7n6WmecLv6TP9sGbPBJlniLBB3uJvqGw2fyzOSzlj93FFhdyxMKa6rXUlnlVt7rzo73Ru5ZAmUMAVQ8me9irBuDXqQMExzvyCOI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:35:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1590 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:41:27 GMT
l
www.google.com/ads/measurement/ Frame 1590 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlT18jivoSLvgYPScx3qWmAto8nvtzqowiU7lOYWHKcVWbmmccaFKGvqar6qQQKLB0x-6JTHbQCYTnAhAOmqhhGF00-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1590 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:54 GMT
adlib.css
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa4365f9098aa5351bbf4bab30eb7982b16ab10322cfa69a30edaa211eec29b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341976
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1886
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 03:55:18 GMT
fonts.css
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		434 B
190 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce47e2bfcfcdd077dd715215cbf5e8f0dd160c35a459d133a002b15e631cad87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 03:22:12 GMT
adStyle.css
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b247e56de8d6629754d2b60988a1619771a2e349df86b118e81ff52968549f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 01:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438177
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1183
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 01:11:57 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 746E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 11:10:17 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 746E 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 02:54:54 GMT
snow.png
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		506 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/snow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0aa15878ea81619e92027135cd494136fa7eed212bff8976e7debc916543fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 22:28:20 GMT
x-content-type-options
nosniff
age
447994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
506
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 22:28:20 GMT
plus.png
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		317 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/plus.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
404c8904ba1b8499bf4b71abe05e20d81afd5cf440e0f4c668b79765559b69ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 17:18:46 GMT
x-content-type-options
nosniff
age
380168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 17:18:46 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 05:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 05:39:23 GMT
animation.js
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76479a92fd0a1fbae17b90c67d7ac394c12a92e1df57b486f296d81fb5489704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:16:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1770
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 21:16:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 403A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQnPDewQIY66yj2AEwAQ&v=APEucNVdQwFj8KamRw0UQKS2-NwlNJ0s-rxK5Y3ZglsGEDbEB99S_W6DyDF2ZljopvBxM1LO9uOzY7TFMXffwdl3YCPkEzbrsQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1590 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ctv3dgYZbDiIR1cH2M048G7quS3S-kwlAIcDOz-vMy8EWArAioBqauErCAmQgdbcSK94k5VwBPsTiJOBSZDqmMquaSPw&cry=1&dbm_d=AKAmf-BYjXoZRPsZ2IVyDlykHUVoSFITXYLY7O9PCKwHoma0rErvNjuKsdkUJsJbhBv49uzimN_8RybLej1yEsZQwyRMdVr9F7TFSyUYIs9IR0n3g6eBRDKZ_tgPJKzNHgxIDrFeldTfj_KS_l_ZxyA40fQDid1eHdXEJ4fKjPsAil6gOemxOq3wD4V4COp6TjTrG3kU2d5zEdxoilBNOprwex2m3bab1VTnCU-qPt0qb4e9pOai_-yN9z7r_9gvuGPsBct_74OPvqKEWYuwDziCAhmGFcD6Qt1I41FZiIX8YHNpr_C-grXJZ4ZkXVbMnCgyiYq19B6A5h9dITGvnNJt4cMHX2993xWwQOyxCawdTJjM49bsHqbfiErW3pnunmDi198AhTTSvYz0qr7fHXQR5aCv9QcYhPWBYjdlyNH-TZQ57OQgka1amXGxy_NQZoxXCWk2dpTGHCL6qyxblqzchV-uN8-G58oUxKPVlkVTGP86-WkqewQIQqTS4usApfBjoxTepK1XCGEBVlavHiqI7L8DyDZgZ6O8ZAsMFJKJayjw9X2pn4N61feolDrwEQBqg4mpQsK3WN2pwztVL2MLHucIbniMyTVwvFQodp522TBA9CUlyZVE79AgK5v8COKApN60X8EJiwvfOEPq6F49i6SXuPoYcdJdb9Wxfxh6QCAXXVy2buQhtmN-CEz950zXiznJCGrLhSsbC7wUQrvUYH_bNGhRsvzgXNRriPfbdPBPYfq-nupjYWg__2gF6kW2069IuOcO36l-u3RuhmctjgGbm9C50kgKWnz2nK7pUAdM8LwXxcs7q1tuqxS8EIIpWnT0UJ_CoTaHK8Om30mwjsF6aGpZ1MGtR3Td8wxusUw3pF3S5kuc0z9lOhRwLqARn9__GcnyQCmxZys7nYMf7XNrW2DlVZhWgmveY7IepGfUIGVVFwTPpqK5J-mGnmuSBKeT9Vmh3OQfVlJ5TNNn1IdEhfdkYGIReFVmjLWaEFVkvDzrP1h5_Q5EgabXW_bD6Vgsj8g-r1QtyX9vDm0ClSnoScluZvSaH9-AaGPV3SPYT5gwvzqC_bKHnAp5yS0cX9ZQQTAigrXaRL4GouCks5hHuZzlfJVU5saaPltVRE_LGOLjE6tuplUAjCBsia0khzFJXkKf-br5KJmpgBDc7xLlkQTtV-GYNeRDiveKWq6jh_9qOQAzQchFQeG1oG3HBSm951jJtImJ6yaFAE2wX3QdQhfJYm2RWjLAW8cYVoHcAJm8C3eekfqazQCVxCjr7AfZH15gCoMl-PU--HIybHes8sbBw4KFWvQrN2Jm0pWI7bj_wlvHdYtPNViOlJlsyys2IM0hNZaIVNEDMv5qMaB25ErnNNaelD0MmOeEeFWmFmzlEzVRxBQ7ZiJf3c8UzLlDpxcP0QP-B5vRHwntNJ7KhuJtdAxPvjZxqg6gWwNQx-EcFGKBAZ1cCzXao_kWoyISnWjh4qvtjdhQeE0aYnzSA_bOstU_MpaFNwHkns4kOj6g-599ScTbFav6YjZxeNmQTkjBcGTh101mYI-S2IlgV1JcV5ZfrosZVv3LH9H02LS6t1kJIl9ZEBmPJCjlmc-OrlSaof8gZMNe6TTmuA8Z26vUqcj0h4nHXbnXXlCTdNmDv-2BjMRoCTl7KPomVzItKZoQIzPO7Mu2TGTwlSqJciE2NDTF5QIfnjTz5ZorGmjqCRyycYngr8qAmpD9JsWQ1WkHvLSzCisCfJNXbyCTmRdMNvsm1XhLiZEK11ks2qt9ek7BZyxEmt2JoPP2qX4pjsJUFnGUTiwujjsQHC9E3HwTeG_hF2gJpZt16th0bgieyDcX-qRAf40nhhOYyv3jN-Sm54Nn6xq7-RfHrazSNseQyhXmig_2eq2Hd0zNg2hEpamVwSUhMdYHEw2X61kWfbJfYOVfqX3XI1aNMarVocDqCtcEFx8GfQKWYlAJvFggb9F41mvn5PXqE-5t3ljIL4ggeN58DQ5X7NExDdRZH5_M-Oeg-oKbX35YB4JAXCFtLRvn5OFanmgVU9bcdJQPbZ9mG_nXF6cTFW5d1eR_kijmS4vJNkQVyNm05jalnNB8lR_Iq8hdsVY_9ZU1tbczRy7RdWUCck2HgJjGumkWv5zsUfJvyrTNx4E4suGUFFpOV9NNWYLwLCgJO0hHUXlF9mVU3JtIjwPSMMkopU3BIv65AzA-iteaTRN_xfs0_Dq2LuVkc-PkGHW_OBonQAchCZtDHgZ8a965EwbRGa8PT2KIC0XtKDx_wOWutDKzU4ieDbLwQxUXaZtNxPPXGuCdhPCO0bxf2YAVB90aQ_Gb8GGLA1v9oMmQ8Kt-DtT5NSpql8AyrkvHKOB7c6pBKHEBnxUvbw7nQELVEjs7uGO7a3BoJkspv2R71vnKiLxg4zxBg4QVc96W7dQDGVhegrtkZizooQwEUO-AsXQ3-OcvBaHK2MTTxt-HKcUIKwxYqDXMVnF5-ozFfUDpLJX_PgrVGXfsMdEY_m8WOiD8qeRcVX0dY2O3a3W2cFghtI3oE1b9DWI7sxzSlB19Tgqb5RG4uivCWSLwP9onfxEkQOd2SXDF1bLFJoz1IYG6YvoCBIObPMd7WSGQOBpbfTDylcMF6M0kH_EIpd9QtmS12tcmRLtJfzLW-qcOw9x0daeAWIohbaH6_3IOfY4dAZAXL64iESzZ9A5FcrEJaVUpSMjrDLJfLf_RFS9-Nmpqxq3X8mJidMwywoZvYYslQgLBFComVZFdjC_zGJPVq-ApirsOUzelDIRVho65tAid-U79WWAH_3IRSqngKu05yjSfM6g1_gtD_ECcbWA99QKNFvaJ1ZKxHutxHfGvNJgriDd8Q6PSCtkwD-sksmYryy6a9OuyUB1pxu2vYGLCXC_aPb1x806zXRqEY5vkCA1IxqgZAfJAGlId_tNdlKNb0zoRZD18wvK2XtKnhOSQq5H2o-DqwccPu9QoIIcpEqWu315Kf-Dw8uRE6pDg3Jjyo5wql6kXva9L8m8GZx0yRQf9agNz1bovFqbtvAWE0h8hZSgrI9uZl-JdJjln-9Mu3tXeXwMqoEWVTXjmmix0otVV_r1F-Ds47DHGzlIflSb3re4aduMDrQACP9H9KtjefgCjPyAJI4BXCsimEKNAYXp7BA9pwJ1mEKJfoUjU19g_i4V4vVl_YoGhqqhNG_8GbyVmxmM2lzhZ-pTVjyYqY-qSDP3ZAmrR8DVmJB6Ard390vBMgElS9X3z37KhlTC9ES13GAM2PN9nvEEatW-tIEd36N8LNzoxfA1ofMpXfBRQJ5YIxPNUaEy25hTrt03Mvab57QUusn6c&cid=CAQSKQDq26N9bUVA0KCQWeLUW1OLrXWw3dZsx5z-qjoFaXoY-kaycJ0Mo_HWGAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1320d80076e33e05d34b3e45c224388c99d34efc505e45751fc43f9e1ab007f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34955
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 6F24 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED2A47MvZA1OlWaznPTDAGM&google_cver=1&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216d...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216dVOVYrbxqaoVbWMrXtX4HvEbUEZ747ME6pN9xc72ZOu&google_hm=lJQenxYqxbPH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216dVOVYrbxqaoVbWMrXtX4HvEbUEZ747ME6pN9xc72ZOu&google_hm=lJQenxYqxbPHWEpyQjZK_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FabONDSzL2yDOHgjOXzTJ7mZ6pWCXwXRftk7jpVgBVZVKaNaX216dVOVYrbxqaoVbWMrXtX4HvEbUEZ747ME6pN9xc72ZOu&google_hm=lJQenxYqxbPHWEpyQjZK_A
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEC_goKkI657rKBAbdkYfGGY&google_cver=1&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5&google_hm=Q0FFU0VDX2dvS2tJNjU3c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5&google_hm=Q0FFU0VDX2dvS2tJNjU3cktCQWJka1lmR0dZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:54 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYFpJPFbc6BfY24eCieSr1TdJycdQnyE40zogDFSkKLjOWuoVAP-RI_kl9GK_vuYvmDuLIr1hHFAIoVbs_hW5nwUHKPkeL5&google_hm=Q0FFU0VDX2dvS2tJNjU3cktCQWJka1lmR0dZ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYqoAmx...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYqoAmx...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjMwMjU0NTUwMDA1Nzc3MzYxMjYxOQ%3D%3D&google_push=ASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjMwMjU0NTUwMDA1Nzc3MzYxMjYxOQ%3D%3D&google_push=ASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDGWaNeQVuDw30i1wezzkpMeIMQ7AfM8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjMwMjU0NTUwMDA1Nzc3MzYxMjYxOQ%3D%3D&google_push=ASkJ3FYqoAmxR6-OUmjAn7PciP4ZsIHKSg6DdUGwFJLw-B1NgALu496b7dAofI_AAKeTDGWaNeQVuDw30i1wezzkpMeIMQ7AfM8
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
dds
rtb.openx.net/sync/ Frame D436 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHEr4js_domGWNVHxCMsuW8&google_cver=1&google_push=ASkJ3FaFlziFY-OWz9YmenW9MuI4kQuNqfNZUYAmzV9K98sMubuPhYn5FHSYpOgCpNE_M49z1jLL0caGXnSiYV1QsZVD_Ot5QhiX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:53 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6elgjbrj7ckd331gkudjv8k9koiv7jf6
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZcOe_ywUCiYj4tj-bPFLVSSDNEBOpkDrreoV-16vSLn1l5_Cj_ERndRDFElRcmA9-tidTyUl_W73pSaCrjmN1gpStvnorT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FUDqd6sZQ-ytIpqNQ_PI3g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZcOe_ywUCiYj4tj-bPFLVSSDNEBOpkDrreoV-16vSLn1l5_Cj_ERndRDFElRcmA9-tidTyUl_W73pSaCrjmN1gpStvnorT
date
Wed, 23 Nov 2022 02:54:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcunONHl2Avp2jRpCs-ne0&google_cver=1&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkL...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMVlWMzMtMTgtSk5EVA==&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkLhpSucgVktAwwjf4XF4fjl9wev
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMVlWMzMtMTgtSk5EVA==&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkLhpSucgVktAwwjf4XF4fjl9wev
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUMVlWMzMtMTgtSk5EVA==&google_push=ASkJ3FY9pUw1H2imCs1C5oSw_McD4dVs1n1sj4r8V059T8OV8FD9wjrXpFYZFSDBKiB3fNBzfkLhpSucgVktAwwjf4XF4fjl9wev
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame D436
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_hm=Y32Lexf10MiJyhZhOhh3aAAAAsEAAAIB&google_nid=index&google_push=ASkJ3Fa4TPVSuAyN9BekvNUL4YWxzvKs0Rz9s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_hm=Y32Lexf10MiJyhZhOhh3aAAAAsEAAAIB&google_nid=index&google_push=ASkJ3Fa4TPVSuAyN9BekvNUL4YWxzvKs0Rz9s--Wn74usjZMVC0CCn86AbtHTcY-5aMwuI0EWoTZfXCt6MR_j9C7wIxC5_Cb9ao
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0wToFSdGj3%2BzDrHMSNo4hy2u3WfSsGNzG3R0if%2F%2FrMejZ6P%2B7R4BeF9w%2FnfhOYvzVmPvWqoje2wiWYP8eg4B3Ickvk7VV09D%2FdnPGtmAWgIUhOVtHa0BFS%2FxCmJUh45sE%2FFX1DUv9g3fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqJsBEL46lwg3-0NOGmDow&google_hm=Y32Lexf10MiJyhZhOhh3aAAAAsEAAAIB&google_nid=index&google_push=ASkJ3Fa4TPVSuAyN9BekvNUL4YWxzvKs0Rz9s--Wn74usjZMVC0CCn86AbtHTcY-5aMwuI0EWoTZfXCt6MR_j9C7wIxC5_Cb9ao
cache-control
no-cache
cf-ray
76e69f77ba64549f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame D436 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBHeBP_h9oOlHBVOby1hQQAy38Wg4nQCD9Ie4W9pr6jxvrwrnqZp4VPV3EbHLygxHejlW0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 1BEF 		694 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=355&ttfrms=38&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1669172094701198&jsCallback=dvCallback_1669172094701449&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417939%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1669172091%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1669172091570%26bpp%3D7%26bdt%3D106%26idt%3D190%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26correlator%3D4639092018766%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D1022265231.1669172090%26ga_sid%3D1669172090%26ga_hid%3D52432709%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44777877%252C42531705%252C31070923%26oid%3D2%26pvsid%3D417168342558042%26tmod%3D1518457775%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.f1jdbaqguy4t%26fsb%3D1%26dtd%3D214&fcifrms=25&brh=2&sdf=2&dvp_epl=225&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=http://zdorovia.com.ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0gc7_5FgGhEXZyKZA4jGmGO&aucmp=18133645195&aucrtv=426657690&auorder=1008774246&ausite=52321546355&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=7769102582.136515&dvp_tukv=46861861203.2934&dvp_uuid=1940992.0059597653&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=371846495333
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
5af01027febcd2100334a4f79b5ac8add28c2e81dd926631619c0ed8b1f2aa8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:55 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:54
generate_204
tpc.googlesyndication.com/ Frame 233A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y-RlPg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D456 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 16:47:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame D456 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVjUkJRtXXktYacILFSYLGXnYN9lZz4X41S-VF6APns31KpuyQ&d=CokBAKAmf-BZK28ntiyyIu2PO2jWsVGsoRg1DAFadhaoQwoa-x1qVqd6EyYapbOZEerLRHnuWZmElq1hRym9GqcNclKji5GMU-At_Fi7DD65zfGPulrMQIC4GxHhjCvDUs-V08WxiaFYtGDdzMgodNDj2dlnfrgcjTlTCmEJJnD9sBIwotNRlzXieggSuRMAoCZ_4Cs-pDkU0RL9P2iTd1YkcL3rxkDXV8dyqF0gTArXO6EiAhcSPgBj6dCGlpMu4oZCcVrEXSbfcSxJtTVuFl7Zlqx2Yn2FdqELnxY5WIeqtselXU5MtEqzmrxYHmLhwaS0HznuvNKmkiz_G2C3ditBBbwE0ot29knDjGzHNEANZvB6jBSBujhXDvM-jXLiPaB0zoxOkuA7CCd2CsUrynbnaNsfPyY0MNXovIiew7C68mVvuFspNz1iukIMqmg9gg_O4hZJ0dulwPXLMO-Qap-US6FV8A6rZYmqHOrmfQ9BpuRFRo1FISmi4vMwDpS6NRtU5e_sAc5Mn3oUMxbUhrndNpGsEytJ3jZufOLrMo6AIrlp_PRxGzZ9ePDZnlS3joiVCNFkoEuyK1XAcy_zQg6rDl6hTSdEOAnao7SbjWXXdbCmQte0u9LMF-Zdat0rUEs575FmF73WSj_YDqatFrGPcs0YLC12xjNnGWiwxtdr-1li8VHltv0D5x4s3rcgfGgJ1dcMsV7xxzTpyXwPFpnJwf4Mg9oFonTivcq28emIn4I9741RuFYoYGaul_NfCYha3g6JXOiTGPJUH7ZvPPCR50ol2LrVJZB4Q4XnWTbxr7Cehni0RAbvDe7X6QMvbEPAtYB2SqNvvQ2pF8I939YeWfc5gjx3xM3SewNIiF5vUYDtCbzISPrkfOhazkzqgoMotxueOIVpPq-9aN-27WaHr3UFy4Cg5x0XU81RwglbUFBHxSBJc98QfYkzNDkCubOn7MDq585jdhv7ZiBw9bMn4b1k6VkGGhVV5ofBwUvl-SYFlykUUKun2pd4kZM6wuTdG5X82PJ1Tm_Zw9ljD2kM5VEGLy3Sv3n3Z3GhzsNfSYxRStL-n_2kDruUWNtNdt0PTs1IDUyShlrUV12OqO33yutDtr2hYOtGceHqSFqtmbuf4nrbiXkecVNC0-AyIPZM_5glQCkUAGlPiEKF_3zWzy-5MN8I3y28YJEVP76Amcocrp3HAhiz9iAqvuoW9LscYYBIgbTIONIHahj2onTaztgsPRTUi6pIxVMlPy6VZ8K2x7x_ZaBQY7IXdsBAvqMZfJ0u-btRppYiLPtLZu0TMfHbrCCwykwBH0y-5rRijmFzdy5F3A0geNREOmHqKXfb4cHYP5ovqLPH6pxAjp2FCF5EhWo8B8WdDn3LiuJEiFTiecqXM5C4Or1fJiGASRpcJDmi8-moYSAyDlR2gyYBUmgm8R3AFvd_s10sDXJwmccXXiQokZlAbH1LLJD2FSDLzc8-RSp3KaU-XImBc5hmrFBJRcogFlYepMuV1ExJurBCaIr_sNf-42LjqDgb3MyTm7gOLSP022V2U7M27X7-hQb_H19mMU5qwOCSBtzcfkZF3PUvshtjhWCTa0tld6uFtiWDjI2xJ6eI8BLUl2VYVAWqXjiKNPa0oyZ9sf_jjZdSCNQ9OfrEFIyMyqK1Ejpc14Uug1kk-pgMnOxXzE8ompmgdtTLIh7geN2JVmPyClU_OT2ksgjRQ-dV0DVlhKlkLYsaKXG0M0sKXMaZhyvzMdGU5gT8GOtyFOOm49PQeQzNcdNV3mrWk4QaBQyLJPoXQbSxwtAGuXYaRMYZ2PM4ZPf1xgxfR_-_WuAM9vxH_2HZRq9JyQYwIpizUpmBwzmC1oko9BJSBZNTfncNikzepxnjlUj4tXJQoWG7w5kM5mPpLYOaIH2penDv2ghcl_ZEMmeiL3OnKO3r_KbgKCCJ8PCHDkiK9phOWfsDDXOFsapAfk425PE-iKwm4TPno4_TYSuyhVf-8Y0FGtCMHqbiSgZMBJF5kUn1sAuPxnMKSiuiZnwdUxJhTZlQr9lyILpYWJUFn5bIwAuE1p93YU-ee4hanUzQv9hTHiUYkhGZsR9Lwd9LfRHgASM-7UVTuWEYC5BZYpA559LNyCjvX96J0wYLs6dIImS9ZAz7-oXPgtXBqmonE_g-YxJTxALfoSv3ba68PyahBgR0F4CtX3XJIPoKBHZ0hwoqddaGbehAqBguj9SoD_636xG9hu7ZymfnWT6yjGXUu9PmgSwRJtDq1TDqsXH-whEXM1VliQ7pA5upVGJf9uHS3wperL6_Y8Kr4rqkziAl63JMVVUn5AXkZKu8yQsmR2Ppvy-o528OONLBONE4EHGToqArlYCEv6PeSmG36Jeg-DbeOSnwQtXV17Ku9QM47FYUC0_pKy7JDfH9VaamNv3kRhRyeTcfruGqx1CnPXGVL4SH9iU3TAvDUmvp3xKxQKOkNXnU7asnwOVf_1X7z8uLxxZIeVXZKYNyizBNgZP9UDyjdY5XmDvHZ0YAYbmbrstHahziwZjJRGpZCGBvhLFmc15qiu-aPvQdOnM8tRPkQ9LAjGDjzKw6nu-h0olYZA7tmzNyDCoZpeVfygTfCpQyYzrPuWozKP94v-ZvuJL2AsjgEtP2y1dL4WIp5WfYaaAXOsON_b_xvhtAd-y4v0EVwUJeB5CWcNy1nX2sFcQd0MkHIUG2IaGaBCdwYRG5eiL1rFqcs4gd733rkyO1JW23joRkO0_sk_D57mhLCAQqdTLBRKLsxj6-Ih6eBLS-NVgfFrDlhmboqDKb1aa3FADDN8Hx3uDuXfUr0ata59mhuqJVVTZujjSVtdZN9CemC67XAgAJNU-v992ziNTxveEXkC6tqb63schpVUIjOri6_rT0CLYdCNHut2NAAQisdNmARD1j5FVx3AdHSZJxbEWBM9k_QJCPxPYsDM3H6JVod7Q9I0fkRK6MtjT_3RhN5UwhLN03ny3KUQPMNR2dG9GXpZxn3G8y4yXb4Q50utftIXqVf1Zah8K322uqK9Ds_Te4nf7P2BjElZhz0SJCmNAPxx0UYM_KSEIWxlKaZPXcPqACHfMPhd5U14mGAdL3cQ8_NFhw6po8HnikQ2B10-1VXCqaG-gJjOQ56VOwDRcnAdcclxCCAv41OyM-dB17jkTGP3jPNE_8ZO5YV5yxjfOKQdbobgkEq3iJvOSufGv8VI850t4YVm8GfBzqZLYK5SWd02y0xUHU-X1Gb3kXomjlNluAYQoAk47Civt4pau0j9sF3aZQHtPTHcJeHzGlpvMUNs5Q9o2v-tiin74Gv3qMphiFLDh76voT9URq6a0wciV1t-LF2Iyg5tCK-rBcQEyRn1cFhIa84m-ZrXIGqpxor31CfkMPa99l0Ln5u311x1UzS3hYCWQ4NJC6A_ypmiNzvNIxPYle6kdtAXnNuSO8uIg2ARdG6QLZrnfImocUev3CBjVmBlbb5NuopCAu5Ky_cHVvvcnWh0osb1rJ7xpECAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBNgAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:16:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D456 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVjUkJRtXXktYacILFSYLGXnYN9lZz4X41S-VF6APns31KpuyQ&d=CokBAKAmf-BZK28ntiyyIu2PO2jWsVGsoRg1DAFadhaoQwoa-x1qVqd6EyYapbOZEerLRHnuWZmElq1hRym9GqcNclKji5GMU-At_Fi7DD65zfGPulrMQIC4GxHhjCvDUs-V08WxiaFYtGDdzMgodNDj2dlnfrgcjTlTCmEJJnD9sBIwotNRlzXieggSuRMAoCZ_4Cs-pDkU0RL9P2iTd1YkcL3rxkDXV8dyqF0gTArXO6EiAhcSPgBj6dCGlpMu4oZCcVrEXSbfcSxJtTVuFl7Zlqx2Yn2FdqELnxY5WIeqtselXU5MtEqzmrxYHmLhwaS0HznuvNKmkiz_G2C3ditBBbwE0ot29knDjGzHNEANZvB6jBSBujhXDvM-jXLiPaB0zoxOkuA7CCd2CsUrynbnaNsfPyY0MNXovIiew7C68mVvuFspNz1iukIMqmg9gg_O4hZJ0dulwPXLMO-Qap-US6FV8A6rZYmqHOrmfQ9BpuRFRo1FISmi4vMwDpS6NRtU5e_sAc5Mn3oUMxbUhrndNpGsEytJ3jZufOLrMo6AIrlp_PRxGzZ9ePDZnlS3joiVCNFkoEuyK1XAcy_zQg6rDl6hTSdEOAnao7SbjWXXdbCmQte0u9LMF-Zdat0rUEs575FmF73WSj_YDqatFrGPcs0YLC12xjNnGWiwxtdr-1li8VHltv0D5x4s3rcgfGgJ1dcMsV7xxzTpyXwPFpnJwf4Mg9oFonTivcq28emIn4I9741RuFYoYGaul_NfCYha3g6JXOiTGPJUH7ZvPPCR50ol2LrVJZB4Q4XnWTbxr7Cehni0RAbvDe7X6QMvbEPAtYB2SqNvvQ2pF8I939YeWfc5gjx3xM3SewNIiF5vUYDtCbzISPrkfOhazkzqgoMotxueOIVpPq-9aN-27WaHr3UFy4Cg5x0XU81RwglbUFBHxSBJc98QfYkzNDkCubOn7MDq585jdhv7ZiBw9bMn4b1k6VkGGhVV5ofBwUvl-SYFlykUUKun2pd4kZM6wuTdG5X82PJ1Tm_Zw9ljD2kM5VEGLy3Sv3n3Z3GhzsNfSYxRStL-n_2kDruUWNtNdt0PTs1IDUyShlrUV12OqO33yutDtr2hYOtGceHqSFqtmbuf4nrbiXkecVNC0-AyIPZM_5glQCkUAGlPiEKF_3zWzy-5MN8I3y28YJEVP76Amcocrp3HAhiz9iAqvuoW9LscYYBIgbTIONIHahj2onTaztgsPRTUi6pIxVMlPy6VZ8K2x7x_ZaBQY7IXdsBAvqMZfJ0u-btRppYiLPtLZu0TMfHbrCCwykwBH0y-5rRijmFzdy5F3A0geNREOmHqKXfb4cHYP5ovqLPH6pxAjp2FCF5EhWo8B8WdDn3LiuJEiFTiecqXM5C4Or1fJiGASRpcJDmi8-moYSAyDlR2gyYBUmgm8R3AFvd_s10sDXJwmccXXiQokZlAbH1LLJD2FSDLzc8-RSp3KaU-XImBc5hmrFBJRcogFlYepMuV1ExJurBCaIr_sNf-42LjqDgb3MyTm7gOLSP022V2U7M27X7-hQb_H19mMU5qwOCSBtzcfkZF3PUvshtjhWCTa0tld6uFtiWDjI2xJ6eI8BLUl2VYVAWqXjiKNPa0oyZ9sf_jjZdSCNQ9OfrEFIyMyqK1Ejpc14Uug1kk-pgMnOxXzE8ompmgdtTLIh7geN2JVmPyClU_OT2ksgjRQ-dV0DVlhKlkLYsaKXG0M0sKXMaZhyvzMdGU5gT8GOtyFOOm49PQeQzNcdNV3mrWk4QaBQyLJPoXQbSxwtAGuXYaRMYZ2PM4ZPf1xgxfR_-_WuAM9vxH_2HZRq9JyQYwIpizUpmBwzmC1oko9BJSBZNTfncNikzepxnjlUj4tXJQoWG7w5kM5mPpLYOaIH2penDv2ghcl_ZEMmeiL3OnKO3r_KbgKCCJ8PCHDkiK9phOWfsDDXOFsapAfk425PE-iKwm4TPno4_TYSuyhVf-8Y0FGtCMHqbiSgZMBJF5kUn1sAuPxnMKSiuiZnwdUxJhTZlQr9lyILpYWJUFn5bIwAuE1p93YU-ee4hanUzQv9hTHiUYkhGZsR9Lwd9LfRHgASM-7UVTuWEYC5BZYpA559LNyCjvX96J0wYLs6dIImS9ZAz7-oXPgtXBqmonE_g-YxJTxALfoSv3ba68PyahBgR0F4CtX3XJIPoKBHZ0hwoqddaGbehAqBguj9SoD_636xG9hu7ZymfnWT6yjGXUu9PmgSwRJtDq1TDqsXH-whEXM1VliQ7pA5upVGJf9uHS3wperL6_Y8Kr4rqkziAl63JMVVUn5AXkZKu8yQsmR2Ppvy-o528OONLBONE4EHGToqArlYCEv6PeSmG36Jeg-DbeOSnwQtXV17Ku9QM47FYUC0_pKy7JDfH9VaamNv3kRhRyeTcfruGqx1CnPXGVL4SH9iU3TAvDUmvp3xKxQKOkNXnU7asnwOVf_1X7z8uLxxZIeVXZKYNyizBNgZP9UDyjdY5XmDvHZ0YAYbmbrstHahziwZjJRGpZCGBvhLFmc15qiu-aPvQdOnM8tRPkQ9LAjGDjzKw6nu-h0olYZA7tmzNyDCoZpeVfygTfCpQyYzrPuWozKP94v-ZvuJL2AsjgEtP2y1dL4WIp5WfYaaAXOsON_b_xvhtAd-y4v0EVwUJeB5CWcNy1nX2sFcQd0MkHIUG2IaGaBCdwYRG5eiL1rFqcs4gd733rkyO1JW23joRkO0_sk_D57mhLCAQqdTLBRKLsxj6-Ih6eBLS-NVgfFrDlhmboqDKb1aa3FADDN8Hx3uDuXfUr0ata59mhuqJVVTZujjSVtdZN9CemC67XAgAJNU-v992ziNTxveEXkC6tqb63schpVUIjOri6_rT0CLYdCNHut2NAAQisdNmARD1j5FVx3AdHSZJxbEWBM9k_QJCPxPYsDM3H6JVod7Q9I0fkRK6MtjT_3RhN5UwhLN03ny3KUQPMNR2dG9GXpZxn3G8y4yXb4Q50utftIXqVf1Zah8K322uqK9Ds_Te4nf7P2BjElZhz0SJCmNAPxx0UYM_KSEIWxlKaZPXcPqACHfMPhd5U14mGAdL3cQ8_NFhw6po8HnikQ2B10-1VXCqaG-gJjOQ56VOwDRcnAdcclxCCAv41OyM-dB17jkTGP3jPNE_8ZO5YV5yxjfOKQdbobgkEq3iJvOSufGv8VI850t4YVm8GfBzqZLYK5SWd02y0xUHU-X1Gb3kXomjlNluAYQoAk47Civt4pau0j9sF3aZQHtPTHcJeHzGlpvMUNs5Q9o2v-tiin74Gv3qMphiFLDh76voT9URq6a0wciV1t-LF2Iyg5tCK-rBcQEyRn1cFhIa84m-ZrXIGqpxor31CfkMPa99l0Ln5u311x1UzS3hYCWQ4NJC6A_ypmiNzvNIxPYle6kdtAXnNuSO8uIg2ARdG6QLZrnfImocUev3CBjVmBlbb5NuopCAu5Ky_cHVvvcnWh0osb1rJ7xpECAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBNgAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 13:36:26 GMT
index.html
s0.2mdn.net/sadbundle/2978795306681093372/ Frame DB39 		27 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed0b0fe09a9dd4169fdc0c4e994c64522cdec9d516b1cbdd083f7a36573dc046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
432700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5309
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 02:43:14 GMT
expires
Sat, 18 Nov 2023 02:43:14 GMT
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C3A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshLv_MbqqzBI1eArxwIMqQmEGR2SZGhmvuWLuNpopo1iejCKLrNIMd459IN02gw5k4J994QGhkJm1xeUUA0XSdUcBcWsm_zs5w2caZD9_nL_cyRj_yg7uyvOaCKPpShxpkCZqbt2WWTK1ZI9ZxwfmOT66WEZ7hi12_C7FhfFupc-iRLzziCvMFzctsTFQADn5ZXj7qwoGSIpwXd48UDTt4UtPBvvjoj2ij5r2d0XBzZEZPBItlf3XMRPeqQ_m3fDKW3XH477pYENL6RY5NVTegDCHoScYzfKpz4Cm3qOIVpmrJ0U5rfD4KWzjsJls-xq5MbCZo2xX-pHlNqtwcicSVB61pqcxCwedm71yjEyTHpXgXp9FcKEXhEdhYN4zfGJ8gsc0Jhy9XF2T9Qc123SHAQaLZ-scx0gscSxQpUZ-zgzlWFRTgLl_4So7X3nZwBJxaQoC8YRJojqUVqivWjXuX-G1TCHi9pr1ySLJzvciD4bKINHxZ6bPpYfGvI2ao7w09a3oG1LkV77sdRBGURKkvBkU-SSCvUiXHZ5wgG4eRweTh5lhebIjMrAQYd0VGvcbzmWL3PNo7n7H0xBQwYTNnV1ZvhmW4DqgdBn1o7kDHQttOkdwAglVp69PCE2ebQOIRwTCeYrGtpU_lB9VJu3yarz-U1dn1BPbLGZBf8PrPbZBXZltNMh9GhRzQrmGy5rEPQ-UyqqdBz9za9doWCf3-XfBR3-qKNvHB3eNAZvtosEYhlSXo6KZDd6Q8sZcitBlX0rJyLHyK3y7MV4Sv1QyqVr89bN1Bq4ZfTnRkIpO60nfSMTNcqlgwd7nvZDXNI913Ytyw0R3ojMgLPqeSVz75236EpmRyt6q2YIrqEH8E6GWYrdsAm1yhNFBjtOu2ZyeGUxuJxnO1Du7D76Rw0LxrzxyFd2Zi1hsnQpJdV-XK6Rj9urv2aDU4ENVT2XylBec1XbuXvW0N56VACXGsrNftMzVG6k1i7O_MooblYvNRCVpZAEIK6XAMbTDj8qkTMNuDuGYsEXyq-CBrIGZNjLgaPEWwGh_OC2Pt8nCd2gPjgkVkPUJh2d8EQO1By3GtmV6VE55n8YvXx1w9u-4nu9SclFTlELwyNkq7WsnXT9lQ3Qs3_p7cRuwyE7dHkhDfCjPQzBy-QJHFKRgO--S5gJwXSJYmS2B-5pTpI80B1cTS1l0OoKC7aBR3cyRxvxuYj_hYwvdVaURsVxFxbFeETei6RnDuamfTrqRVjSIs-MuG3p--6wvtcRc&sai=AMfl-YTUhWsH5xTBaNjEesx4vHiVBm6JhjBzBSnSE3NgqTEZyy1xfyfMFdSGokIUTf8iBiuRrgobYd-OIgSm1mpI5HkZsFcRoFTaqE-ytft-BOdg1dVXKEfnTTKJrhBA8Y8Qr6P_JAQGHdeyyEQD3IsCboapNH4_ir1AuWnV7Gs0YF1iCP9vUyewRyO3pcOGr3n5qGZ3_VJasuRAARYneak&sig=Cg0ArKJSzDPE1GCg8f5BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=459&cbvp=1&cstd=456&cisv=r20221110.57482&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 23 Nov 2022 02:54:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:54 GMT
visit.js
tps.doubleverify.com/ Frame 6026 		694 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=402&ttfrms=8&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1669172094765869&jsCallback=dvCallback_1669172094765943&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417939%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1669172091%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1669172091570%26bpp%3D7%26bdt%3D106%26idt%3D190%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26correlator%3D4639092018766%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D1022265231.1669172090%26ga_sid%3D1669172090%26ga_hid%3D52432709%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44777877%252C42531705%252C31070923%26oid%3D2%26pvsid%3D417168342558042%26tmod%3D1518457775%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.f1jdbaqguy4t%26fsb%3D1%26dtd%3D214&fcifrms=25&brh=2&sdf=2&dvp_epl=225&noc=4&nav_pltfrm=Win32&ctx=25334725&cmp=27853577&sid=6688358&plc=337476919&crt=154637892&btreg=529108025&btadsrv=doubleclick&adsrv=1&advid=10685630&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=7769102582.136515&dvp_tukv=9811202698.961935&dvp_uuid=97761252143.16481&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=113529749128
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
4176ef4b226ec3594ce67ea47c05d93f55c521a1eda62c074b15893484e86bdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:54 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:54
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C3A1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820289&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093443&bpp=18&bdt=230&idt=219&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=1749007849656&frm=8&ife=1&pv=2&ga_vid=1427029477.1669172094&ga_sid=1669172094&ga_hid=574819294&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3846571605&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C44777506%2C31070763%2C44770881&oid=2&pvsid=2870033142786992&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ai7kwka5pwwb&fsb=1&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
truncated
/ Frame C3A1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0672b11390df88de7cbadb94341ff565402966fa32ebbeabda80700f91b24517

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=417168342558042&bg=!UFOlUxfNAAbvMpMzzzI7ACkAdvg8Wqq1gIVV1ZRgLYk_DReb_u9lq6uGxMqStYO1t922HV9BCN973wIAAALHUgAAAANoAQeZAs1s1KvDlNztmg_L813lvzlsYPqapn5D-GMhTcMSZiBMhgkf7lqJZgLRs4yDHCKQTytIfPSw6-gpakcgMdOvs4hywiVD18boXH3W0vgdKTe1aMbEt3ADth4ejEQpn7gP2Jr7KX8WBxPGO5AybjKyhlULjCnPvJDSUsvvPKzt43wJyU2FVNtH4US3DmfYBtaKfK66cFgpujFtXlPD5Kpx-YuGm5zVNopP85nDKTZSMhJt6uC2ChsobH4eYCZlAVDUWDPBO1n5XqDhgxUy1OUKhRjGvtDYZHG7F6a8oIeW9FjsbHP3mw_PYh5VCGaFVcEwra6W7mvYON5ZbGEKbtd2cgMXNvara__So1a2nG1W2mnz3-iATMDEjdQ1CUWB_AeL6nb99U_SsuS16I0MYFBiG2lfWuUMky1x8e7zfpwS5s9K3mfcKISNRS6Ml4GLMBuud84sW4BiRAlaoP39ljBKeGHIWbp6SToVtJtdgxm1QfmFpSf68TGwUF5gdHslOKBM3EPT1F8NduQfFtfu2Cks3SGLhREg0vWdbFTZUZ8bLt9M2IL1S7xFbqHtf2nOk9Dwe12FIc0gy0G9cue-5E5uaAmyU2fQbxmxs9jRIi1Ci9J6SeJhDnOwimzbBKCgRy28zsP6MaMrk_sSeX1afxXn3BHdHcBgdicC0NcUmo-1wx-bPIjbn-EkwlqT1c63iTwQbthNbqWicgLbpvTjpVm2b7_QSHbFKR2nx-5nQfla3fLPqKLy5lXidOblqv6NEBZi1_kXHYmrDHkixabNIEPCoX0T5fulKVh_3Q9euQKeEOWPG9OKQqYXbRYnLKvDZOqpd5DhRI7LbLJaivAIMv7Ifc19CRB8dvJ0-wvyn1-nMQmhlVpPOEPoA18cKu_68jhoroMZs1gQv1IKgz8RuOVDHZFaci32hsbiR8U1764cjqUeiQKr-jD3_Es4Md4gnyo
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3A62 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nxf86w
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1590 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 11:55:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 1590 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ctv3dgYZbDiIR1cH2M048G7quS3S-kwlAIcDOz-vMy8EWArAioBqauErCAmQgdbcSK94k5VwBPsTiJOBSZDqmMquaSPw&cry=1&dbm_d=AKAmf-BYjXoZRPsZ2IVyDlykHUVoSFITXYLY7O9PCKwHoma0rErvNjuKsdkUJsJbhBv49uzimN_8RybLej1yEsZQwyRMdVr9F7TFSyUYIs9IR0n3g6eBRDKZ_tgPJKzNHgxIDrFeldTfj_KS_l_ZxyA40fQDid1eHdXEJ4fKjPsAil6gOemxOq3wD4V4COp6TjTrG3kU2d5zEdxoilBNOprwex2m3bab1VTnCU-qPt0qb4e9pOai_-yN9z7r_9gvuGPsBct_74OPvqKEWYuwDziCAhmGFcD6Qt1I41FZiIX8YHNpr_C-grXJZ4ZkXVbMnCgyiYq19B6A5h9dITGvnNJt4cMHX2993xWwQOyxCawdTJjM49bsHqbfiErW3pnunmDi198AhTTSvYz0qr7fHXQR5aCv9QcYhPWBYjdlyNH-TZQ57OQgka1amXGxy_NQZoxXCWk2dpTGHCL6qyxblqzchV-uN8-G58oUxKPVlkVTGP86-WkqewQIQqTS4usApfBjoxTepK1XCGEBVlavHiqI7L8DyDZgZ6O8ZAsMFJKJayjw9X2pn4N61feolDrwEQBqg4mpQsK3WN2pwztVL2MLHucIbniMyTVwvFQodp522TBA9CUlyZVE79AgK5v8COKApN60X8EJiwvfOEPq6F49i6SXuPoYcdJdb9Wxfxh6QCAXXVy2buQhtmN-CEz950zXiznJCGrLhSsbC7wUQrvUYH_bNGhRsvzgXNRriPfbdPBPYfq-nupjYWg__2gF6kW2069IuOcO36l-u3RuhmctjgGbm9C50kgKWnz2nK7pUAdM8LwXxcs7q1tuqxS8EIIpWnT0UJ_CoTaHK8Om30mwjsF6aGpZ1MGtR3Td8wxusUw3pF3S5kuc0z9lOhRwLqARn9__GcnyQCmxZys7nYMf7XNrW2DlVZhWgmveY7IepGfUIGVVFwTPpqK5J-mGnmuSBKeT9Vmh3OQfVlJ5TNNn1IdEhfdkYGIReFVmjLWaEFVkvDzrP1h5_Q5EgabXW_bD6Vgsj8g-r1QtyX9vDm0ClSnoScluZvSaH9-AaGPV3SPYT5gwvzqC_bKHnAp5yS0cX9ZQQTAigrXaRL4GouCks5hHuZzlfJVU5saaPltVRE_LGOLjE6tuplUAjCBsia0khzFJXkKf-br5KJmpgBDc7xLlkQTtV-GYNeRDiveKWq6jh_9qOQAzQchFQeG1oG3HBSm951jJtImJ6yaFAE2wX3QdQhfJYm2RWjLAW8cYVoHcAJm8C3eekfqazQCVxCjr7AfZH15gCoMl-PU--HIybHes8sbBw4KFWvQrN2Jm0pWI7bj_wlvHdYtPNViOlJlsyys2IM0hNZaIVNEDMv5qMaB25ErnNNaelD0MmOeEeFWmFmzlEzVRxBQ7ZiJf3c8UzLlDpxcP0QP-B5vRHwntNJ7KhuJtdAxPvjZxqg6gWwNQx-EcFGKBAZ1cCzXao_kWoyISnWjh4qvtjdhQeE0aYnzSA_bOstU_MpaFNwHkns4kOj6g-599ScTbFav6YjZxeNmQTkjBcGTh101mYI-S2IlgV1JcV5ZfrosZVv3LH9H02LS6t1kJIl9ZEBmPJCjlmc-OrlSaof8gZMNe6TTmuA8Z26vUqcj0h4nHXbnXXlCTdNmDv-2BjMRoCTl7KPomVzItKZoQIzPO7Mu2TGTwlSqJciE2NDTF5QIfnjTz5ZorGmjqCRyycYngr8qAmpD9JsWQ1WkHvLSzCisCfJNXbyCTmRdMNvsm1XhLiZEK11ks2qt9ek7BZyxEmt2JoPP2qX4pjsJUFnGUTiwujjsQHC9E3HwTeG_hF2gJpZt16th0bgieyDcX-qRAf40nhhOYyv3jN-Sm54Nn6xq7-RfHrazSNseQyhXmig_2eq2Hd0zNg2hEpamVwSUhMdYHEw2X61kWfbJfYOVfqX3XI1aNMarVocDqCtcEFx8GfQKWYlAJvFggb9F41mvn5PXqE-5t3ljIL4ggeN58DQ5X7NExDdRZH5_M-Oeg-oKbX35YB4JAXCFtLRvn5OFanmgVU9bcdJQPbZ9mG_nXF6cTFW5d1eR_kijmS4vJNkQVyNm05jalnNB8lR_Iq8hdsVY_9ZU1tbczRy7RdWUCck2HgJjGumkWv5zsUfJvyrTNx4E4suGUFFpOV9NNWYLwLCgJO0hHUXlF9mVU3JtIjwPSMMkopU3BIv65AzA-iteaTRN_xfs0_Dq2LuVkc-PkGHW_OBonQAchCZtDHgZ8a965EwbRGa8PT2KIC0XtKDx_wOWutDKzU4ieDbLwQxUXaZtNxPPXGuCdhPCO0bxf2YAVB90aQ_Gb8GGLA1v9oMmQ8Kt-DtT5NSpql8AyrkvHKOB7c6pBKHEBnxUvbw7nQELVEjs7uGO7a3BoJkspv2R71vnKiLxg4zxBg4QVc96W7dQDGVhegrtkZizooQwEUO-AsXQ3-OcvBaHK2MTTxt-HKcUIKwxYqDXMVnF5-ozFfUDpLJX_PgrVGXfsMdEY_m8WOiD8qeRcVX0dY2O3a3W2cFghtI3oE1b9DWI7sxzSlB19Tgqb5RG4uivCWSLwP9onfxEkQOd2SXDF1bLFJoz1IYG6YvoCBIObPMd7WSGQOBpbfTDylcMF6M0kH_EIpd9QtmS12tcmRLtJfzLW-qcOw9x0daeAWIohbaH6_3IOfY4dAZAXL64iESzZ9A5FcrEJaVUpSMjrDLJfLf_RFS9-Nmpqxq3X8mJidMwywoZvYYslQgLBFComVZFdjC_zGJPVq-ApirsOUzelDIRVho65tAid-U79WWAH_3IRSqngKu05yjSfM6g1_gtD_ECcbWA99QKNFvaJ1ZKxHutxHfGvNJgriDd8Q6PSCtkwD-sksmYryy6a9OuyUB1pxu2vYGLCXC_aPb1x806zXRqEY5vkCA1IxqgZAfJAGlId_tNdlKNb0zoRZD18wvK2XtKnhOSQq5H2o-DqwccPu9QoIIcpEqWu315Kf-Dw8uRE6pDg3Jjyo5wql6kXva9L8m8GZx0yRQf9agNz1bovFqbtvAWE0h8hZSgrI9uZl-JdJjln-9Mu3tXeXwMqoEWVTXjmmix0otVV_r1F-Ds47DHGzlIflSb3re4aduMDrQACP9H9KtjefgCjPyAJI4BXCsimEKNAYXp7BA9pwJ1mEKJfoUjU19g_i4V4vVl_YoGhqqhNG_8GbyVmxmM2lzhZ-pTVjyYqY-qSDP3ZAmrR8DVmJB6Ard390vBMgElS9X3z37KhlTC9ES13GAM2PN9nvEEatW-tIEd36N8LNzoxfA1ofMpXfBRQJ5YIxPNUaEy25hTrt03Mvab57QUusn6c&cid=CAQSKQDq26N9bUVA0KCQWeLUW1OLrXWw3dZsx5z-qjoFaXoY-kaycJ0Mo_HWGAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
20294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 21:16:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 1590 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ctv3dgYZbDiIR1cH2M048G7quS3S-kwlAIcDOz-vMy8EWArAioBqauErCAmQgdbcSK94k5VwBPsTiJOBSZDqmMquaSPw&cry=1&dbm_d=AKAmf-BYjXoZRPsZ2IVyDlykHUVoSFITXYLY7O9PCKwHoma0rErvNjuKsdkUJsJbhBv49uzimN_8RybLej1yEsZQwyRMdVr9F7TFSyUYIs9IR0n3g6eBRDKZ_tgPJKzNHgxIDrFeldTfj_KS_l_ZxyA40fQDid1eHdXEJ4fKjPsAil6gOemxOq3wD4V4COp6TjTrG3kU2d5zEdxoilBNOprwex2m3bab1VTnCU-qPt0qb4e9pOai_-yN9z7r_9gvuGPsBct_74OPvqKEWYuwDziCAhmGFcD6Qt1I41FZiIX8YHNpr_C-grXJZ4ZkXVbMnCgyiYq19B6A5h9dITGvnNJt4cMHX2993xWwQOyxCawdTJjM49bsHqbfiErW3pnunmDi198AhTTSvYz0qr7fHXQR5aCv9QcYhPWBYjdlyNH-TZQ57OQgka1amXGxy_NQZoxXCWk2dpTGHCL6qyxblqzchV-uN8-G58oUxKPVlkVTGP86-WkqewQIQqTS4usApfBjoxTepK1XCGEBVlavHiqI7L8DyDZgZ6O8ZAsMFJKJayjw9X2pn4N61feolDrwEQBqg4mpQsK3WN2pwztVL2MLHucIbniMyTVwvFQodp522TBA9CUlyZVE79AgK5v8COKApN60X8EJiwvfOEPq6F49i6SXuPoYcdJdb9Wxfxh6QCAXXVy2buQhtmN-CEz950zXiznJCGrLhSsbC7wUQrvUYH_bNGhRsvzgXNRriPfbdPBPYfq-nupjYWg__2gF6kW2069IuOcO36l-u3RuhmctjgGbm9C50kgKWnz2nK7pUAdM8LwXxcs7q1tuqxS8EIIpWnT0UJ_CoTaHK8Om30mwjsF6aGpZ1MGtR3Td8wxusUw3pF3S5kuc0z9lOhRwLqARn9__GcnyQCmxZys7nYMf7XNrW2DlVZhWgmveY7IepGfUIGVVFwTPpqK5J-mGnmuSBKeT9Vmh3OQfVlJ5TNNn1IdEhfdkYGIReFVmjLWaEFVkvDzrP1h5_Q5EgabXW_bD6Vgsj8g-r1QtyX9vDm0ClSnoScluZvSaH9-AaGPV3SPYT5gwvzqC_bKHnAp5yS0cX9ZQQTAigrXaRL4GouCks5hHuZzlfJVU5saaPltVRE_LGOLjE6tuplUAjCBsia0khzFJXkKf-br5KJmpgBDc7xLlkQTtV-GYNeRDiveKWq6jh_9qOQAzQchFQeG1oG3HBSm951jJtImJ6yaFAE2wX3QdQhfJYm2RWjLAW8cYVoHcAJm8C3eekfqazQCVxCjr7AfZH15gCoMl-PU--HIybHes8sbBw4KFWvQrN2Jm0pWI7bj_wlvHdYtPNViOlJlsyys2IM0hNZaIVNEDMv5qMaB25ErnNNaelD0MmOeEeFWmFmzlEzVRxBQ7ZiJf3c8UzLlDpxcP0QP-B5vRHwntNJ7KhuJtdAxPvjZxqg6gWwNQx-EcFGKBAZ1cCzXao_kWoyISnWjh4qvtjdhQeE0aYnzSA_bOstU_MpaFNwHkns4kOj6g-599ScTbFav6YjZxeNmQTkjBcGTh101mYI-S2IlgV1JcV5ZfrosZVv3LH9H02LS6t1kJIl9ZEBmPJCjlmc-OrlSaof8gZMNe6TTmuA8Z26vUqcj0h4nHXbnXXlCTdNmDv-2BjMRoCTl7KPomVzItKZoQIzPO7Mu2TGTwlSqJciE2NDTF5QIfnjTz5ZorGmjqCRyycYngr8qAmpD9JsWQ1WkHvLSzCisCfJNXbyCTmRdMNvsm1XhLiZEK11ks2qt9ek7BZyxEmt2JoPP2qX4pjsJUFnGUTiwujjsQHC9E3HwTeG_hF2gJpZt16th0bgieyDcX-qRAf40nhhOYyv3jN-Sm54Nn6xq7-RfHrazSNseQyhXmig_2eq2Hd0zNg2hEpamVwSUhMdYHEw2X61kWfbJfYOVfqX3XI1aNMarVocDqCtcEFx8GfQKWYlAJvFggb9F41mvn5PXqE-5t3ljIL4ggeN58DQ5X7NExDdRZH5_M-Oeg-oKbX35YB4JAXCFtLRvn5OFanmgVU9bcdJQPbZ9mG_nXF6cTFW5d1eR_kijmS4vJNkQVyNm05jalnNB8lR_Iq8hdsVY_9ZU1tbczRy7RdWUCck2HgJjGumkWv5zsUfJvyrTNx4E4suGUFFpOV9NNWYLwLCgJO0hHUXlF9mVU3JtIjwPSMMkopU3BIv65AzA-iteaTRN_xfs0_Dq2LuVkc-PkGHW_OBonQAchCZtDHgZ8a965EwbRGa8PT2KIC0XtKDx_wOWutDKzU4ieDbLwQxUXaZtNxPPXGuCdhPCO0bxf2YAVB90aQ_Gb8GGLA1v9oMmQ8Kt-DtT5NSpql8AyrkvHKOB7c6pBKHEBnxUvbw7nQELVEjs7uGO7a3BoJkspv2R71vnKiLxg4zxBg4QVc96W7dQDGVhegrtkZizooQwEUO-AsXQ3-OcvBaHK2MTTxt-HKcUIKwxYqDXMVnF5-ozFfUDpLJX_PgrVGXfsMdEY_m8WOiD8qeRcVX0dY2O3a3W2cFghtI3oE1b9DWI7sxzSlB19Tgqb5RG4uivCWSLwP9onfxEkQOd2SXDF1bLFJoz1IYG6YvoCBIObPMd7WSGQOBpbfTDylcMF6M0kH_EIpd9QtmS12tcmRLtJfzLW-qcOw9x0daeAWIohbaH6_3IOfY4dAZAXL64iESzZ9A5FcrEJaVUpSMjrDLJfLf_RFS9-Nmpqxq3X8mJidMwywoZvYYslQgLBFComVZFdjC_zGJPVq-ApirsOUzelDIRVho65tAid-U79WWAH_3IRSqngKu05yjSfM6g1_gtD_ECcbWA99QKNFvaJ1ZKxHutxHfGvNJgriDd8Q6PSCtkwD-sksmYryy6a9OuyUB1pxu2vYGLCXC_aPb1x806zXRqEY5vkCA1IxqgZAfJAGlId_tNdlKNb0zoRZD18wvK2XtKnhOSQq5H2o-DqwccPu9QoIIcpEqWu315Kf-Dw8uRE6pDg3Jjyo5wql6kXva9L8m8GZx0yRQf9agNz1bovFqbtvAWE0h8hZSgrI9uZl-JdJjln-9Mu3tXeXwMqoEWVTXjmmix0otVV_r1F-Ds47DHGzlIflSb3re4aduMDrQACP9H9KtjefgCjPyAJI4BXCsimEKNAYXp7BA9pwJ1mEKJfoUjU19g_i4V4vVl_YoGhqqhNG_8GbyVmxmM2lzhZ-pTVjyYqY-qSDP3ZAmrR8DVmJB6Ard390vBMgElS9X3z37KhlTC9ES13GAM2PN9nvEEatW-tIEd36N8LNzoxfA1ofMpXfBRQJ5YIxPNUaEy25hTrt03Mvab57QUusn6c&cid=CAQSKQDq26N9bUVA0KCQWeLUW1OLrXWw3dZsx5z-qjoFaXoY-kaycJ0Mo_HWGAEgEw&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 13:36:26 GMT
b8c0d930a427dabae239f7414570f3f0.js
s0.2mdn.net/sadbundle/2978795306681093372/ Frame DB39 		86 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/b8c0d930a427dabae239f7414570f3f0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4759891f9c9268b21702e96256b9c1095f67c5cf70a40b8cb5113ffd8dcf1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 01:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25056
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Nov 2023 01:34:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9CD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1045003748251155&bg=!ExClEFTNAAbvMpMzzzI7ACkAdvg8WqiyxY7Fug5FuzHf44qaeLEuFKKU-s-ommstb0yXMIEeCs4z8wIAAAKgUgAAAAZoAQeZAq8RD5bx0KIngg07aYX9M4j6o59mxjHZwf-pfwU351KGz4zJeQXdKWrKs6Oeb06EsRGLd9WHeUV08RZr7Qz9IARgA63cV1l80KkPnoj5z5-5jrjT4mlnWBUnSRQPXS0V0rlld_5dkuRyUJHB8hC5JlB0aL_Hg9n9G5q8QkHlHbjn_PnwdV7ySN0KnU0JzoqeuzPmCImnxULKGGk8GteKfU9EkJqmOlXNJuwzBixKqNsPeWh_GoLQ_ZWrkv1reVnBGPS3_XOzDfRofNp8eKA6wOM2dMTrd_m4RFxT8hzlfkhpJrdAtNMpWmOg_ttLCxAOfQ1HoY2mxWskvBsElGhYHXQjKoMaI7KjhQxWqa1Ebkx8uEUe7SH7R85nl_BSYNhlv5SFAijCPIaur8KpC8xYRtaUaEOrYNzW62VKC06-obhjttt3PEb1dnCe9F5Pd6zyL9HdKkaXD70IZIJul72P_VbATadP9epNRWHsU-266gLn1z0lNP6T04bjnnLYSdMXgzBbWSJbOzYnERegS00XyCe9BQ8Om1-7fnGTb33KKIiwc_5-5JYS6E8IHMdI4p0gHrRZvHTfNmh5IPi0E-ZRN5LCTTW_dhXPs49S8Oj7mo_p8wXBBACueYp186abrPwP-e3644cnF-rLFrHI9ph6-63u_Dng3vIEqmUlqJ_M-UKf16g6-jdBz5-NSucmBTRk5rGpCeQzPirdn4E1gxNCR3DF9QO3XrakCESOjWxV7-ZzSQ-oFZZvc6KjFUPvhU_vjT2mHu6Qc0TScIaY39UxmGqYEinSXfZ4BT9OpKQpB_wjG1ymhmaRBxly8pE3InyGUsWMqtBPyFLQTqefbHzp6TfEBegqxP-Ee_EU5wUTU17xjF_KSBv2uIduAxrG3C9HHKtrSNe-3iO3HfJxgA6LMfA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a7aa18a2f7f0a129b00c19f6dd2ee464a3ace905218ce1a2222c7b6a410f51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Thu, 23 Nov 2023 02:54:55 GMT
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D456 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEQj_x_-JQpSblweproKjrYJsT7rZV0_uQZLjggauRtsXYUtYZYbZWNZKsu6JI13gtcd_f3VWek0zuKn_P3CAi2iuEDNLmoJL7Dr45BnaMTuaCzu_NvZSbzKKpT2Skr4wtEjJQF0kuD2Bkfo4Sj-38KwHGyJu2STs&sai=AMfl-YTOtXnlvnBTAaiNETBGq-gRKTYd4fcQOx4VIE4heHJLhSG4luteU1RjfyKPXURulsKQk1eUAe_kt680Mj9i8JrQlKWz1P5fr5G9s3dI1eWrjESc6WZfoFKKlaZHnhh_qg&sig=Cg0ArKJSzA8MHS3aI4rfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=266&cbvp=1&cstd=261&cisv=r20221110.82771&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
dv-measurements3225.js
cdn.doubleverify.com/ Frame 3239 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3225.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a525c52ebccd4a3e95e0bb433242298300312acc3e5ea424e87429d82e0c695

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 09:55:39 GMT
Server
Microsoft-IIS/10.0
ETag
"809f579358fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107051
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3EEF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
398894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 746E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab4f33a78ee38adc77329be0b5ad3916c146c376544020dd93c304d8bfae5e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
dv-measurements3225.js
cdn.doubleverify.com/ Frame 2F3A 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3225.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7a525c52ebccd4a3e95e0bb433242298300312acc3e5ea424e87429d82e0c695

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 09:55:39 GMT
Server
Microsoft-IIS/10.0
ETag
"809f579358fed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107051
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5A53 		1 KB
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
65566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Wed, 23 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D456 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
418722b79142332a7534dbc977edd758fc50a9e78af73dfaadacceabf484211b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame C241 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57320304&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
99e14d8cb52ef0f1ba9693fd83dddaf3d7650d8da4ea8fedeaf826ea66cfec93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99D7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdq9ufIt9Y8WDGee17_UP5auq2AIAAAAAOAHgBAI&bg=!6uml6a3NAAbvMpMzzzI7ACkAdvg8Wj6P3bFgvm84w6Zt8gQfVGvh5Z0baOc6fCqfKUneShqE1oZwqQIAAARSUgAAAANoAQeZAt5DwSScuHXlfLBRF2x3zK1FJ9WrwYO3M-8TnIcdhN9cB5pOKjf9-RVxc76zBefFooeh1iuAAMJDemMAW2yGi3dl9qlMxuz54aP1UNiWOh5L33bIlUje9-6QULlw5o3zzSxM05QK9qxakjQhKkA4dHZ3poISA8WLcRD5WORUs9nCoH5t3X_NnjixMRbBIbeYT8DAOHNUcLuAC1ql0zY5hkbmwhx9mtMFu1zqcCs8hOYXk288RgIHxzymlPpYPOBC1_ZohtkFqMfEtY-4pUanpzBFtKWGqYpzk90T7Y4yoaIsDu-Jm1EEqMw-3SKDsz3WnbydwxCZH1tFjI7fiPjC0M9c6mCcRa5e3cIB6OQzP5VKqmlObJQxC4XLwvyy3tdgSz-qn5OkOJRa9iC-T8wbiI_N8sMEtSvam3S-DiyEL9QFQ8B3l4kQv1hy67Vzs89Bcm41Q0XqXiVvVn4LQmYc10U5fQvgGh2fgrtXh06h49PV107xRBUJgaQD8eljU1p9R3fLIty4_XVIoRMWIv_BIB4t4KwS20TgE2omVAYcSPft17-IAFcrVvwq8jHTpCee6NZ0egkUYSrii2e1yT0_EY0liVsAyYTk1v-7oC92kTazVSXwTGVb2hYlbr7s6azdi7HPa-ls5r9H2bU1HCZ017J9K6d-LtzqSOQk9CBKoU48ZhZmrNrbXpgdMYacYB15KO5Tuodaragk7DfryxIFBXyk9agTY6MO3YyPTFW407wRpGrrPZMlDgzodbcJkuNsiFhehbfUxm5MbiiX9u0hFVQ-Cc-2cFIO8n7cGIrhcNhsyiFGhLvOZNS59xtyfD3QF4K3nGwamwxWd-DiUX7P6KGIFPtXwpHLZFXgL9qO1iEF3d6M6iOZm0EMQa1YSQkhq0N0I0G4oofBHpqe2_kN3lQcuDA90MaVbLvuifZm8uHJUNRlS-E8oqzyeLC-HmzuF2O1_kJHqJE09SYlaPFxwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417939&pi=t.ma~as.7553037928&w=728&lmt=1669172091&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172091570&bpp=7&bdt=106&idt=190&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=2&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=52432709&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531705%2C31070923&oid=2&pvsid=417168342558042&tmod=1518457775&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.f1jdbaqguy4t&fsb=1&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/18030282549340789940/ Frame 6BC4 		28 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8275905f60376cf5cc89fc61dc70ad9cc19eeb185dcee8f44041b05327d4caf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
431277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5431
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 03:06:58 GMT
expires
Sat, 18 Nov 2023 03:06:58 GMT
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1590 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsui5Bw5v1N9YqbaLOB5q7UfZ-xjW0qWDTWLqqh3dEAsUbF63mM0qFDCnM00diVeTiqNKV6y3uCuE0k7ps4EgRXukq7Ny0GKCfMBjEQFv0v2oJ29Swf41u5rWVu5bMGo8Qmj2Ank2yWhH4ekk_tU1HLVt7cNPTNJmUZct6QuAEZLJblWF1skS2mL-eWDTwDRf3R9TPb2s5uzBZThkHZSmswS-z6UP3jO-XQL-zhiWM0H6D8Fm0IVLbMxrG_TfYv_ife8yi83OsduX_RV9DdfiEqIZJ5_2bRmAjCQdEFFCutlF6hunRoh3zk0jgA4MkhFwn6GtepFW73VLI2tBh0ia95N67m_yRkwb1uLBby3tF81Gvg1A6mAtBVOTv5Nhwvr_zd3q77JUlEqlHwBZqgXVmZs94gXbmZ9iEKl3ciAY1AH-jrEL_GpzH6qoezae-LNXDrAkJ1z5JxPTVN-oCfLOPhymSo8p1VsC8YbKs-OjniCc7-lUz4h_xy9LEc5uLD9afDiFbBE_x-Y5CJYHXqzMEk3ppCIHyevmOm2O5whdDgOSVXjDzFRnyiaT3oGogALU6ycraGRDRxUH53Fxq0yZiIeqy87s7jFrdcxZk2_A8zvAMU8YGC6yIVj1PT8LTyA8ZjYzljCWwP6pKPrXntazEDcHN18NcB6Qq5q-CKtTJEHuwRgY1kKTCj83eNAlSsatBjFBgrOork7owMKCM8wykrIrrlJg8tMQpF9qGV45T1qNpViGShxMWZGUDwiVwSO8XCJMPG4DfyP35pBNZmYok_vF7VISZYj1S8hq7JPjQ9JS5OmDqhAUSQRWGJME0JGVaMSpQ7BpuVYSVmdonjiD3YfPQFK8C5rfMryCW3NJOwqUrLd3Wfs_kmEZ0Fkw16syGg8PKoPej-AIxRJP96sM0W44LAVqMaWjTLtmUWEiZe-ivQx0CesD1hERl1xLtuJWME1GY-XBfZCGuYmGZgY2O8lXbXsj_ss5fktLhFIpi5ewcZ0xlJ7JKwBX2B4fSsZmU_K8RvFcRt5EHNvj3vUfA57ILR7bkVw1R-yfI_zrUe4nQjRPhCxdOS-xrE8H4jC_NDAsatCu8kw273K1TCdVCxkMavgjNobRPPsQAartV_kksOM75mY427ObUIdrGfpP1HyMqwXHhvtoURCMflJrEDrqjZcoefCGW_FkC72gvhtcOvvz4Z9ZMua5bMIBmSZeDvmcs5LYAYH3i1sZywI1zyisxh_Vb19bfhkcF2fMxhdZWOCSHs1kbH3Ze6_&sai=AMfl-YRiY23yibwr5pfKASy3doVG4ARjut0IgBW-sGq--9N5NJSAAo0PsRxPgDNgRNA8l3F46EObP-6ZpGaRidKPyl01RndUdjDqEIdf1CnI88rWcY-3q1z3vw-sYPlQqHyBk_7HRUZKxMTRte5dbvV_QmzYjLEruRQ8PbNhQzbbSKC6-OK8br6DKpiUgvcrFwOGGb70u1CatOUYXpm00YQ&sig=Cg0ArKJSzO9nood2_xLDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&cbvp=1&cstd=262&cisv=r20221110.09136&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
adlib.css
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa4365f9098aa5351bbf4bab30eb7982b16ab10322cfa69a30edaa211eec29b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1886
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 12:53:02 GMT
fonts.css
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		875 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292f50f919c43a55bc54544484bdf2bbb4487899dc20e1a531c003c33db23b74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 19:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
544581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 19:38:34 GMT
adStyle.css
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		6 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e50cbfdac28bb2bba9e2ad115f2b34236073ca8a1d968380c63600b92296656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
952
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 19:07:02 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 5FA7 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 11:10:17 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5FA7 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 02:54:55 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1c3f512d332ab4b488a0f601f870589d712b0e1c3a2531e3beabdcce4ed1a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10972
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 12:53:02 GMT
animation.js
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb33715c0dd71b3cc1109db4f08e93ebf83acb378f37a1f2a2359b066458af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2376
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 12:53:02 GMT
ed69972da1f67d4cf8993f23553f7509.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/ed69972da1f67d4cf8993f23553f7509.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e4785eb8a7cfe47178ef53ab653bd49742262523946b3eede81bd2f48183a43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 02:43:14 GMT
x-content-type-options
nosniff
age
432701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5515
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 02:43:14 GMT
6f09c67680486c333f6aba951964db46.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		2 KB
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/6f09c67680486c333f6aba951964db46.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53be360fb7a461b9ac1f3fae1814a10a35f962363ed99b985db7ae8d5b43711f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 02:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Nov 2023 02:04:19 GMT
6eb717b268c5f405b54f89e251f8be7a.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/6eb717b268c5f405b54f89e251f8be7a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d5e2508552270d4e4a199fb5a520d567c17f0d9bb4d66669f36b2be2f637c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 02:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 02:43:14 GMT
178206d125e7aff1fb192ed8e9a7c081.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/178206d125e7aff1fb192ed8e9a7c081.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85f220acef8d714cb7847dee24c04996b5f5ab4d0993b2dc73ca7c7662986306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 02:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1703
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 02:43:14 GMT
38778ad6232a5738db62a7ae9400a2e2.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		927 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/38778ad6232a5738db62a7ae9400a2e2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cf2c6cc4aa6512be5d445481334a4feae1b651c55f5b0800cf6340b4a259233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452413
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
374
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 21:14:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1590 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823868&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172093862&bpp=13&bdt=236&idt=324&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3857357183040&frm=8&ife=1&pv=2&ga_vid=1240897355.1669172094&ga_sid=1669172094&ga_hid=311990213&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=802331862&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531705%2C44774606&oid=2&pvsid=1999659876815096&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.enrtmqh2xdo1&fsb=1&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 12:06:40 GMT
truncated
/ Frame 1590 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
241129e5b635dc64e220763231bf80f258af802c44cdc89c905681df4297b6a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 746E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ADBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiXP0A91-1SFGihh7EHzyNtvaEFt7A-X2hN5RlrxWBX5eU96kmme9XDt-gTZKPnFmbeSsTt4H5df0hh5v9xXp_Jp7Djf-YD33fNjzRxEqzM5kJHAxO1gT61-Ka7THExY5AsnooYvZpeGTs6tdy1nJkrINO1k0yVLU&sai=AMfl-YRqhiGe2-PZHM1oM87zwP8dZ9JyhVU113k7gsUs_jZozovqZIvWnFTZV48gcf3RFdRiTPnbJ5gc8B9cbbU9WLiGvU-5rGkVnkxmtB6G&sig=Cg0ArKJSzIIcXLTF8HfKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1381&vt=11&dtpt=1008&dett=3&cstd=365&cisv=r20221110.80635&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
4934b96fc7fa98ffb2141efaaec5c7a3.js
s0.2mdn.net/sadbundle/18030282549340789940/ Frame 6BC4 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/4934b96fc7fa98ffb2141efaaec5c7a3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3be9cdda0336a9e173b08ce4ab6eb5ec6e32c97e4f0d8496aa86f3a969ba057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 20:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24952
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 20:20:17 GMT
visit.js
tps.doubleverify.com/ Frame 3239 		694 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=309&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1669172095348264&jsCallback=dvCallback_1669172095348694&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417949%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1669172092%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1669172092258%26bpp%3D4%26bdt%3D728%26idt%3D555%26shv%3Dr20221110%26mjsv%3Dm202211140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Df966468c1f21bd2a-22b3fecf76d700fd%253AT%253D1669172092%253ART%253D1669172092%253AS%253DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ%26gpic%3DUID%253D00000b86211eed53%253AT%253D1669172092%253ART%253D1669172092%253AS%253DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q%26correlator%3D4639092018766%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1022265231.1669172090%26ga_sid%3D1669172090%26ga_hid%3D663377632%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D910%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C44777506%252C31070968%252C44770881%26oid%3D2%26pvsid%3D2843744206474669%26tmod%3D1440526577%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.6ul7w0abq8ea%26fsb%3D1%26dtd%3D572&fcifrms=25&brh=2&sdf=2&dvp_epl=225&noc=4&nav_pltfrm=Win32&ctx=25334725&cmp=27909197&sid=6909169&plc=339172621&crt=151351638&btreg=530955651&btadsrv=doubleclick&adsrv=1&advid=10150206&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=259389207750.1615&dvp_tukv=389603.9534051345&dvp_uuid=77245173941.22328&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=1147598647757
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
9a0892b35b35c21f9f0c2e8161697703d6a19b0cb13ea647086e0f9d772a4da2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:55 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:55
pixel
cm.g.doubleclick.net/ Frame 5A53
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECeZTWnRbWa7mvh8rfVb7eI&google_cver=1&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7ZEthGvBb62N3ncExbmTHnZ3tzTrwqKfPwko4yod88&google_hm=lJQenxYqxbPHW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7ZEthGvBb62N3ncExbmTHnZ3tzTrwqKfPwko4yod88&google_hm=lJQenxYqxbPHWEpyQjZK_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FamPWPs-xoiR4G9XvsUKruqg2oCIZHXegV0tECoVy7z25EtSHZAs7ZEthGvBb62N3ncExbmTHnZ3tzTrwqKfPwko4yod88&google_hm=lJQenxYqxbPHWEpyQjZK_A
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5A53 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmIG3TJKslxYAMpGH2X1D3AnTBQiBB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 2F3A 		694 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=295&ttfrms=7&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEATbpTauTauK5%40C%40G%3A2%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1669172095379389&jsCallback=dvCallback_1669172095379488&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417949%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1669172092%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1669172092258%26bpp%3D4%26bdt%3D728%26idt%3D555%26shv%3Dr20221110%26mjsv%3Dm202211140101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253Df966468c1f21bd2a-22b3fecf76d700fd%253AT%253D1669172092%253ART%253D1669172092%253AS%253DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ%26gpic%3DUID%253D00000b86211eed53%253AT%253D1669172092%253ART%253D1669172092%253AS%253DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q%26correlator%3D4639092018766%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1022265231.1669172090%26ga_sid%3D1669172090%26ga_hid%3D663377632%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D910%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C42531705%252C44777506%252C31070968%252C44770881%26oid%3D2%26pvsid%3D2843744206474669%26tmod%3D1440526577%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.6ul7w0abq8ea%26fsb%3D1%26dtd%3D572&fcifrms=25&brh=2&sdf=2&dvp_epl=225&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=http://zdorovia.com.ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0gxoaDEU_TLC-yrwwWBB015&aucmp=18508291121&aucrtv=430717651&auorder=1008772347&ausite=52321546355&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=259389207750.1615&dvp_tukv=196898967317.79935&dvp_uuid=221201523344.3363&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=1288900021588
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
5e9379c14acdda791b010f4cc98dcc476723bfe09616d92c85cc4fe14867adce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:55 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/22/2022 02:54:55
9b452d01458672910e7d5563cf627a12.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/9b452d01458672910e7d5563cf627a12.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
638da68d1a997a598941305c443568296ea3ddca5403770f4957e77c89176182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:57:56 GMT
x-content-type-options
nosniff
age
590219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:57:56 GMT
8757899ed78b540d7a10e2090524ee29.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/8757899ed78b540d7a10e2090524ee29.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03ce3d833cdc7cb662b4af5266d43554fa0d3a9beaa08a2c2ce2add99ba651b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 12:56:20 GMT
x-content-type-options
nosniff
age
482315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8009
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 12:56:20 GMT
425fe9df5aeccd76555df3bc4e1306aa.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/425fe9df5aeccd76555df3bc4e1306aa.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375219458230d32bb6cc873daa53643fd9e4cccfb515abb9cc54f51c84dea2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:27:50 GMT
x-content-type-options
nosniff
age
365225
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8670
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 21:27:50 GMT
6b665cec6cfb91f1db319fda16726be0.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/6b665cec6cfb91f1db319fda16726be0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e892ca68c6d486d8df7cabfa1a525c6e4490726084b9007ec88bd933d3d5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:40:19 GMT
x-content-type-options
nosniff
age
94476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6784
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 00:40:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 91A1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7169039542254237838&gdpr=0&gdpr_consent=
42 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7169039542254237838&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 23 Nov 2022 02:54:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7169039542254237838&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
adx
match.prod.bidr.io/cookie-sync/ Frame AB3B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEV0JrN0cteGNBQUItejY4bk1rQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.34.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-34-58.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Wed, 23 Nov 2022 02:54:55 GMT
Server
gunicorn
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5B34
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oywzxlZ-TQZkjoxdHLND8NmKxGQ
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oywzxlZ-TQZkjoxdHLND8NmKxGQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 02:54:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oywzxlZ-TQZkjoxdHLND8NmKxGQ
Pug
simage2.pubmatic.com/AdServer/ Frame 335F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y32LfAAKFdI0aAA7&gdpr=0&gdpr_consent=
1 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y32LfAAKFdI0aAA7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 23 Nov 2022 02:54:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y32LfAAKFdI0aAA7&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy-eglc8600046-LCY
x-timer
S1669172095.417015,VS0,VE0
/
csync.loopme.me/ Frame A46D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame BF4E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76e69f7deda975cf-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76e69f7ccd1c75cf-LHR
content-type
text/html
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
6051
cookiesync
core.iprom.net/ Frame CE92 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 23 Nov 2022 02:54:55 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-440493bb26df@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 91A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 23 Nov 2022 02:54:55 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame 58C8
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8548484106
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8548484106
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:55 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 23 Nov 2022 02:54:55 GMT
etag
RXbf471198dec9463f89a0347329157e9e003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8548484106
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
bridge
cm.adgrx.com/ Frame 90DB 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/ Frame C81C
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QYgjbQnWMURggSVh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.25.6

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QYgjbQnWMURggSVh
cm
ipac.ctnsnet.com/int/ Frame 34FC 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame A49A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6E0864F3955409AAE0AC8EBB77074AF&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6E0864F3955409AAE0AC8EBB77074AF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Tue, 22 Nov 2022 02:54:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6E0864F3955409AAE0AC8EBB77074AF&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
csync
sync.adtelligent.com/ Frame 6748 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:54 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
Artemis
aud.pubmatic.com/AdServer/ Frame C241
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&addseg=11,34,40
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&addseg=11,34,40
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Wed, 23 Nov 2022 02:54:55 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&addseg=11,34,40
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame C241
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:55:04 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:55:04 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C241 		95 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
76e69f7c79da730e-LHR
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame C241
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.72.183.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-183-146.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 02:54:55 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 23 Nov 2022 02:54:55 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C241 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C241
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3779534352676268122&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3779534352676268122&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3779534352676268122&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 23 Nov 2022 02:54:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C241
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3de1acb7-13e2-487c-8e9f-0bbd5e2a5344&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3de1acb7-13e2-487c-8e9f-0bbd5e2a5344&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3de1acb7-13e2-487c-8e9f-0bbd5e2a5344&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 23 Nov 2022 02:54:55 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C241
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3740268398524048266
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3740268398524048266
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:55 GMT
AN-X-Request-Uuid
27266662-8a46-4ddf-99e1-49200824af14
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3740268398524048266
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C241
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e7e0112f-fd32-488a-b344-d9a20a0a7347&gdpr=0&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e7e0112f-fd32-488a-b344-d9a20a0a7347&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 23 Nov 2022 02:54:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e7e0112f-fd32-488a-b344-d9a20a0a7347&gdpr=0&gdpr_consent=
Date
Wed, 23 Nov 2022 02:54:55 GMT
Connection
keep-alive
X-CI-RTID
1c361c8c-a327-4669-9393-a066a3130d55
Content-Length
205
Content-Type
text/html; charset=utf-8
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 3EEF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
CSH_GEN_BRA_G0030_BF22_Display_2090_4109_1.20.jpeg_1668193221491_CSH_GEN_BRA_G0030_BF22_Display_2090_4109_1.20.jpeg
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/636e38ac0a6a4e1a2a11323d/original/ Frame 746E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/636e38ac0a6a4e1a2a11323d/original/CSH_GEN_BRA_G0030_BF22_Display_2090_4109_1.20.jpeg_1668193221491_CSH_GEN_BRA_G0030_BF22_Display_2090_4109_1.20.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
022b03a09cbfb1b95106c1ce345502114f2906cc911a1f88cd35668e516d3075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 19:08:26 GMT
x-content-type-options
nosniff
age
27989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 19:00:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 19:08:26 GMT
green.jpg_1654676661554_green.jpg
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/ Frame 746E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/green.jpg_1654676661554_green.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
627eb9f093dbcfaa5bda1e358da29f3f8c3d7c440977ff5c3b5a39a9a2b33839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:22:13 GMT
x-content-type-options
nosniff
age
343962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1964
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 03:22:13 GMT
icon.png_1654676661554_icon.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/ Frame 746E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/icon.png_1654676661554_icon.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb72593541d2e8030368866e03471079975be3cb30aec0952baaeefd78fb293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 05:14:24 GMT
x-content-type-options
nosniff
age
423631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1075
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 05:14:24 GMT
icon1.png_1654676661554_icon1.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/ Frame 746E 		839 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/icon1.png_1654676661554_icon1.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80be87288b81ef66258e8f79ef62758528d8f7ba1fa65f1a0d3378b3f960a324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 09:42:30 GMT
x-content-type-options
nosniff
age
321145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
839
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 09:42:30 GMT
FREE-CHANGES_WHITE.png_1656946999699_FREE-CHANGES_WHITE.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b70a9358100069475ac/original/ Frame 746E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b70a9358100069475ac/original/FREE-CHANGES_WHITE.png_1656946999699_FREE-CHANGES_WHITE.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b7e1ee41b3a3451de52cefe8da3a36dc50d9e36499a295a6edc97f7ab275b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 20:35:00 GMT
x-content-type-options
nosniff
age
109195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4961
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 15:03:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 20:35:00 GMT
icon3.png_1654676661554_icon3.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/ Frame 746E 		730 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/60d1c841259ae400060bed77/content/icon3.png_1654676661554_icon3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d3e8c9562d27fc8c2f494caa91e665b16a5bc5ab098ca0a9df839049247c346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 05:14:26 GMT
x-content-type-options
nosniff
age
423629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
730
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 05:14:26 GMT
feefo_wm_gold_service_2022_WHITE.png_1655996589146_feefo_wm_gold_service_2022_WHITE.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62b2e41b6d9b2b23d1871411/original/ Frame 746E 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62b2e41b6d9b2b23d1871411/original/feefo_wm_gold_service_2022_WHITE.png_1655996589146_feefo_wm_gold_service_2022_WHITE.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853053c3e9c21bad0b07e4b8f922911cb98280c5d2489f961e055ba9b37f270a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:54:39 GMT
x-content-type-options
nosniff
age
396016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77208
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 15:03:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 12:54:39 GMT
CSH_GMW_WHITE.png_1654676661554_CSH_GMW_WHITE.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/624c6db443129680c9b59525/original/ Frame 746E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/624c6db443129680c9b59525/original/CSH_GMW_WHITE.png_1654676661554_CSH_GMW_WHITE.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9d52551d0d3969a369c1b4ba9172cbfa8cb3f2c56a95c59b116196506564912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:37:25 GMT
x-content-type-options
nosniff
age
343050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11120
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 03:37:25 GMT
blank.png_1654676661554_blank.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 746E 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1654676661554_blank.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:45:31 GMT
x-content-type-options
nosniff
age
392964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 13:45:31 GMT
LOGO-STRAP_WHITE_RGB%20.png_1654676661554_LOGO&STRAP_WHITE_RGB%20.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61250506ad09bb6cf0fb6f1d/original/ Frame 746E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61250506ad09bb6cf0fb6f1d/original/LOGO-STRAP_WHITE_RGB%20.png_1654676661554_LOGO&STRAP_WHITE_RGB%20.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
605f5f89b676c72ccda7a2bb2257f1b787f4fa4fcd111e652e81c8ba62026ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 05:28:22 GMT
x-content-type-options
nosniff
age
595593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1958
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 05:28:22 GMT
logo.png_1654676661554_logo.png
s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/611272668a7ab4208a5e93f8/content/ Frame 746E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10972614/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/60c38ac395a6ba0006c07d59/templates/611272668a7ab4208a5e93f8/content/logo.png_1654676661554_logo.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
605f5f89b676c72ccda7a2bb2257f1b787f4fa4fcd111e652e81c8ba62026ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/index.html?e=69&leftOffset=0&topOffset=0&c=uvcZk6if6d&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:22:13 GMT
x-content-type-options
nosniff
age
343962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1958
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 08:24:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Nov 2023 03:22:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ADBF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxpm2sVousxbM5mktMnEq6SWNpU-1pFJFMxDA6kAVyDoFyhSSwtzhrGAhfzzb8BYANmA7vODiTyRJ8kbnaDSWi3Xr5T0qWyxEuEm4k97Tc58Mby-xCWv24DiVHzMhU-QqZFaIwjw&sai=AMfl-YT6KyY5xizJdWCVCgKqgU4NZZYXRYZtVLSGVCRCYfZ6GuJKNrBybIE_WM8F76oAdATAR8z1yxSo5HZHpFtbqpLTK6n3YBFl1oWMKA&sig=Cg0ArKJSzNAYWCK0bWxfEAE&cid=CAQSKQDq26N9Ni3m6SfWZCrN2pNHMSnUFYGEMZgQpZyMd6cbEvdLBzeDBAjDGAEgEw&id=lidar2&mcvt=1037&p=0,0,90,728&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1669172091786&rpt=2565&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0ED2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
398894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 12:06:41 GMT
expires
Sat, 18 Nov 2023 12:06:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
BrandonText-Bold.woff
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/BrandonText-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccd6bbd7a7c7ab4a3080322d70ac63c386ba9c37740cc8c2be220c157216b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/fonts.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 01:07:53 GMT
x-content-type-options
nosniff
age
352022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34172
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 01:07:53 GMT
BrandonText-Regular.woff
s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/ Frame 746E 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/BrandonText-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
731bc189a064b79fa15c680fb951fb8ad5f5a4b09620d561e21df3a52b095ff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12253562395284209664/728x90-Crystal_Ski/fonts.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:22:13 GMT
x-content-type-options
nosniff
age
343962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34412
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:16:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 03:22:13 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 910B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D456 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEQj_x_-JQpSblweproKjrYJsT7rZV0_uQZLjggauRtsXYUtYZYbZWNZKsu6JI13gtcd_f3VWek0zuKn_P3CAi2iuEDNLmoJL7Dr45BnaMTuaCzu_NvZSbzKKpT2Skr4wtEjJQF0kuD2Bkfo4Sj-38KwHGyJu2STs&sai=AMfl-YTOtXnlvnBTAaiNETBGq-gRKTYd4fcQOx4VIE4heHJLhSG4luteU1RjfyKPXURulsKQk1eUAe_kt680Mj9i8JrQlKWz1P5fr5G9s3dI1eWrjESc6WZfoFKKlaZHnhh_qg&sig=Cg0ArKJSzA8MHS3aI4rfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=792&vt=11&dtpt=526&dett=3&cstd=261&cisv=r20221110.82771&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C3A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshLv_MbqqzBI1eArxwIMqQmEGR2SZGhmvuWLuNpopo1iejCKLrNIMd459IN02gw5k4J994QGhkJm1xeUUA0XSdUcBcWsm_zs5w2caZD9_nL_cyRj_yg7uyvOaCKPpShxpkCZqbt2WWTK1ZI9ZxwfmOT66WEZ7hi12_C7FhfFupc-iRLzziCvMFzctsTFQADn5ZXj7qwoGSIpwXd48UDTt4UtPBvvjoj2ij5r2d0XBzZEZPBItlf3XMRPeqQ_m3fDKW3XH477pYENL6RY5NVTegDCHoScYzfKpz4Cm3qOIVpmrJ0U5rfD4KWzjsJls-xq5MbCZo2xX-pHlNqtwcicSVB61pqcxCwedm71yjEyTHpXgXp9FcKEXhEdhYN4zfGJ8gsc0Jhy9XF2T9Qc123SHAQaLZ-scx0gscSxQpUZ-zgzlWFRTgLl_4So7X3nZwBJxaQoC8YRJojqUVqivWjXuX-G1TCHi9pr1ySLJzvciD4bKINHxZ6bPpYfGvI2ao7w09a3oG1LkV77sdRBGURKkvBkU-SSCvUiXHZ5wgG4eRweTh5lhebIjMrAQYd0VGvcbzmWL3PNo7n7H0xBQwYTNnV1ZvhmW4DqgdBn1o7kDHQttOkdwAglVp69PCE2ebQOIRwTCeYrGtpU_lB9VJu3yarz-U1dn1BPbLGZBf8PrPbZBXZltNMh9GhRzQrmGy5rEPQ-UyqqdBz9za9doWCf3-XfBR3-qKNvHB3eNAZvtosEYhlSXo6KZDd6Q8sZcitBlX0rJyLHyK3y7MV4Sv1QyqVr89bN1Bq4ZfTnRkIpO60nfSMTNcqlgwd7nvZDXNI913Ytyw0R3ojMgLPqeSVz75236EpmRyt6q2YIrqEH8E6GWYrdsAm1yhNFBjtOu2ZyeGUxuJxnO1Du7D76Rw0LxrzxyFd2Zi1hsnQpJdV-XK6Rj9urv2aDU4ENVT2XylBec1XbuXvW0N56VACXGsrNftMzVG6k1i7O_MooblYvNRCVpZAEIK6XAMbTDj8qkTMNuDuGYsEXyq-CBrIGZNjLgaPEWwGh_OC2Pt8nCd2gPjgkVkPUJh2d8EQO1By3GtmV6VE55n8YvXx1w9u-4nu9SclFTlELwyNkq7WsnXT9lQ3Qs3_p7cRuwyE7dHkhDfCjPQzBy-QJHFKRgO--S5gJwXSJYmS2B-5pTpI80B1cTS1l0OoKC7aBR3cyRxvxuYj_hYwvdVaURsVxFxbFeETei6RnDuamfTrqRVjSIs-MuG3p--6wvtcRc&sai=AMfl-YTUhWsH5xTBaNjEesx4vHiVBm6JhjBzBSnSE3NgqTEZyy1xfyfMFdSGokIUTf8iBiuRrgobYd-OIgSm1mpI5HkZsFcRoFTaqE-ytft-BOdg1dVXKEfnTTKJrhBA8Y8Qr6P_JAQGHdeyyEQD3IsCboapNH4_ir1AuWnV7Gs0YF1iCP9vUyewRyO3pcOGr3n5qGZ3_VJasuRAARYneak&sig=Cg0ArKJSzDPE1GCg8f5BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1245&vt=11&dtpt=786&dett=3&cstd=456&cisv=r20221110.57482&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9470 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3ac4865d2c09c0e87497b5fc86890c2dcbd95324200689449495a41dd337dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
ed69972da1f67d4cf8993f23553f7509.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/ed69972da1f67d4cf8993f23553f7509.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e4785eb8a7cfe47178ef53ab653bd49742262523946b3eede81bd2f48183a43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:06:58 GMT
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5515
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:06:58 GMT
7aebc6464f79bda82ae0dfafd9b84566.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/7aebc6464f79bda82ae0dfafd9b84566.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0266c1016aab57da0da73d99d479449098897981b6e497db3bfba634a8f0f49b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1891
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:06:58 GMT
b45cd87ca999d117abfa27a9d2cc0b93.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		2 KB
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/b45cd87ca999d117abfa27a9d2cc0b93.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a701542abb5708d4d103a2a2e2e1aadf61a8334b4b1705d2b09819c97d4ca6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:06:58 GMT
6eb717b268c5f405b54f89e251f8be7a.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/6eb717b268c5f405b54f89e251f8be7a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d5e2508552270d4e4a199fb5a520d567c17f0d9bb4d66669f36b2be2f637c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:06:58 GMT
5aadfd2e8999477c7eb5640416fd315f.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		932 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/5aadfd2e8999477c7eb5640416fd315f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f856495ad86cd108feb0b63db29fcca3796b00e41a9407255e28b046563e5e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 07:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
372
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 07:58:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5FA7 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f94354adb35be5e58296f25e2b8ae05c7b7a81885a01a78c76d8f370b875b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3CAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1336550878665547&bg=!bW6lbirNAAbvMpMzzzI7ACkAdvg8Wh8AuPU5k8R93ubUXOR8Prmc-kNC1DkOxOnA-x7WvZOQbRW8xwIAAAOwUgAAAANoAQcKAGTWJBDqDhWDbfyk0DRbEWcmUtnwN7uZwl8gTwc3DLXPMcYUl68cMmexR41EITz5rQi0ab-il54DeNBQnuNANfHqh5aBzflPPduumBQLZay8nqJycyIrVLZHtskt-ymMCGQSXBEumQLKBeG44kjpkJRe_godjNfE4LZtflCsHmmuZIzyp1zvSy-bgBiEu72d-pZDNuJkrDaJhLrxidGjhhhRCU6XKDhbcccgzCh8JBf_9p4MoxgozB3P1QzYeNpwoHkF7E-F5EcZSD1evWypNDO0k3_dnUAqk61PjByyMpmjyPSzVI0mZjx1-_mr4yhOKp03T8wSjslR3eglD4KO8iIdJ_Plh2giIOEEV9Mpj8PGJKlYaJVPb_H8AQiDhpNEH60wdbKFOjYvtrpIyfjI_nSamM9xm2gkiOCLqyzz5oni5HBqovFJgnQGbpHkhsBK2dLKG_r3Cn7MW79NBE7Nw-HgqLIrFBVhXaVeVZOfy8PLgZrbrQkSHSYPLlGl26NcgAkK1FGP1ZOCFH7EMjiFHnz8UDm2IEUN8UvBFzVf-yCbACSOWh9VJaICPRVUQxX51MqMM5AQWEnPxYYqoLNKyO8nbHiOnGez_4y26LXcDvUVSo61Lmhs_pTsrMW8GjVS5tZbYFfNdUEdfjKTy4iUu2STnYaQRX-OLEzwgsnNUClgYQvkVO_hkE1TDeg5CxI_OWl67_f8KaxTa38oHAdJJCkvFw7TaYADFjnQ-oJEq9XUJRAtJiZbkfGN6CawqsfTd6WWJPu1JZJvCfQmCzKZJrOEEKusdGOcU3oKDR1kyPD5QhvaokGyocDxhz7k9sjaaFaKuxu8It2OvJCQw--1QPDRV9J0bHSin-8aKiGN-2bAQ7scjK6ZbCoNrIEBHaCsPJ1zZD9zX_kYcXrt1Ej3w84dJzPYPobUKxkD7hSDH0brpJuk-up-CrPFo0iU097sIYR4KU54wegpHEHKZUc-KjG7QGrBWBCRY-zJF5Im2ROqe6hBAGvXbfCoaVR4fWoMduebDhvEJLEhOLcXdRS05ihZ9Ja-6yKVmy0lVaKFGETBCFnquSk3iFFT33WHsWrHzDcT
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9470 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F24 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsFJifYt9Y87kJIzC7_UPz7S4uA4AAAAAOAHgBAI&bg=!9vWl9bHNAAbvMpMzzzI7ACkAdvg8WipEFhADI1ebENCcCiiBM5yCBMGTkDuM0XZCDZxURvYcvT5tJQIAAAJoUgAAAANoAQeZAtTqRGQu1kB19EEYvkvNdLY2I-HoAm8wMAZ_zwllNKbj0ngm-aSF5u7QKqrWrj40Tl9H4SbcKUlUVnzXkAF-A7bs1g1F-ULhTDA-GwgMMJIFjNkEVk0wJ5NlUqpJiMKhQ9iig3mqwupPM2XApVK0tZzzMNYs9ARp1GUttGbR18t5pKpcO_PNAkt31FJKO9E2qT1AlJNo9jSP1ZEdP-O7qm7kjf9hlStRkco45aqBBpIb_uX4UgBn8RLJDrifTcbXg-5jTBjHVfZ2igT9Ef0b_6oU6cmrVcEKNXH15onGJoIGFjH_K49w_nGLog_trH698_jeRt8zuX4xc0DPzLtKxJNCPMlhRQuVFXJP8LH_8RiZ_1W7Oijywi7RlKd65Os6xu26tw6JPsg8gM8BVq6u_DNlBbKYZC_z3t8Kzd8FKub435_hg2-PfJYMNjoNdBU58B0AxHe2Q4HU7Pu_KWCpEdUYPagKi1bmPjz_E6OSHOmpKOmziAFQ1aFWtWC01fERlFf9OuaB4TTecVtkwlMx9GxgJrkKF6EDiSdeKZbkuk4ml61LImvOWvy-40HHuBMDBfTPhSPfzSFX6G30MluFqa1nKsa7rP6aL_-C6kZVXfGEb3aVAjSAY1NIa1_DW6CQ1eAiL__x7u4LuvAp8SlrltMtTZ4K2g_jCjfMZBy5oCISwCVDWUBruNyydgzrjtmT2ub-aYah6OXWF8B3LPtfnj_IS4mcr6xMuvGT-kOqE2-OZM4qoxooCthKCJi7HhY4nroPnesI9_tFvN55xGuERdpA806hllFije8V7UdFEwcZ7nOgcWx4PCL1exxLFOeCHIDmYHJD4i2cmzEaejxpSPUaW6T2ze-Kw-ypJv5cM0vDQwxyJXZHaF6dggpw5HCxq08j87EMzYELqaCBH7wwtP97EYBxBlaHZRNJHWiO63dfzUhvtk7E1qheG5dsx64lGxgn7B0t
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5FA7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:55 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 0ED2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
93b0b6b309eab173165b6110fb0a2637.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/93b0b6b309eab173165b6110fb0a2637.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e5941c51bb3df3352c89721215f1d518984cba8fefd2048a37988da2dea241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 07:58:57 GMT
x-content-type-options
nosniff
age
413758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9593
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 07:58:57 GMT
1b450c0b0ec98137ad2ae2e4ead815b1.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/1b450c0b0ec98137ad2ae2e4ead815b1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bde7c766dd93dbc350167dc63decbf345b851acdecff00f7466e55dd319e71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:17:34 GMT
x-content-type-options
nosniff
age
592641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6332
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:17:34 GMT
931ffbf4c615b84c2be84553c31c8c28.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/931ffbf4c615b84c2be84553c31c8c28.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29fb339b41ead4b4ebb877e441fcb4d3b706002446150d1774a35584f02af981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:17:34 GMT
x-content-type-options
nosniff
age
592641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9015
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:17:34 GMT
6a109eeb2adedf390186147dba7f3df0.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/6a109eeb2adedf390186147dba7f3df0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b196da55a321ca277688ffe8ad59490c8738ad96b17d9752992c8bdcd39468fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:39:48 GMT
x-content-type-options
nosniff
age
346507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10317
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 02:39:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 787D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2843744206474669&bg=!vL-lv_vNAAbvMpMzzzI7ACkAdvg8WvcLst7RfpYQaYUDKicPtZT4Y4ZnnJGDAFT4687rySyHQKU8MgIAAAOnUgAAAARoAQeZArd9AN0Fatd1DqZXLn4IL0T8_12q5vOTKWPexKEem667KPjkyR8Pf4AUh-FC4qVQ8Wge6y7-WZmajvyd0CY3ywi7GPOlUcFS13Pc58xgcJcR_-3rcyxW8Cz9EFAItksJovBukNAgSTHgE6Gpo3ugVMZ7KRR4Th_XzPK1Gwrpwtl24JZdh00Ehh5qzUj4cgyIimdxu7072NVJjs9G9IYbljy4Q5EPMo4Y4oxaogvGKv6atDFsyVnAiJvBisNOIwUUvab8NJ7U3s8veVz7D-fz85qIPPLZYBQFGaVkMCNuoKvpey7Zzie9N_wI4x5OV_OCqP3PYI8wnXTfdnCVcsehzm9sIuCh1kKWMIPIKLIVhIBtkc7ckbAo3mikZIJIaVkD4oX1gLWW_RP1ggltLHJJ8t8IYuKMPkI62O6kLg7ZiCt0Yv8xw_FiR0UuqjxDCfInSzscrj8nGZzkB_GXDzXxmIXW4LySrLKXFVDCQA8yB124gSR3Xe1-sFTwtjyrwgGs9hFUTSaDHVEWZQ-qf8ss7uM1HbxP8IJdK2KeOeZjjzL1MBgaqBdS3UsubwR-Y8OwjqZ0VgPvp_UFlVMEfGnZ6Ivl5Mvaxayxmh43aj04T4arjyv_bgeqa70BYDtDm2T-237rbjVv3ag3TJooe3Ku8vt3zYYBLpdRl8K1DYZ5Eb4o2JBnAQD1GPgEbE4Ago7XMALZiEx8F3QIIi9PECXmJ6fZYmct1XbCeTbWUY5n4ajhc-iuS7tt3AmSKnnN0czjR_YcCrfsq9gCX_t8c7UDUIe-QYBIVV3wPnyPPFbA7w3TQ1asPQBDtAxGfrReK03YKlMWKsTOJetu2nWNdSdQdm7yxDdjHdjy31XcF3OiyqkMaxulSePAz7QA570-rprId7NPc4RjIR88ijJkSXCujEaban7OlkCntQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
grill-restaurant-outside-adriana-beach-club-hotel-resort-albufeira-algarve-portugal_1531_574_0.81.jpeg_1668425889803_grill-restaurant-outside-adriana-beach-club-hotel-resort-albufeira-algarve-portu...
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/63593af582d6f5f6019ab8b2/original/ Frame 5FA7 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/63593af582d6f5f6019ab8b2/original/grill-restaurant-outside-adriana-beach-club-hotel-resort-albufeira-algarve-portugal_1531_574_0.81.jpeg_1668425889803_grill-restaurant-outside-adriana-beach-club-hotel-resort-albufeira-algarve-portugal_1531_574_0.81.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e6bcaa4383496a55294262253de35d7d63557a92803d7787c62c330961b32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 02:08:34 GMT
x-content-type-options
nosniff
age
89181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27748
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 02:08:34 GMT
background.jpg_1668425889803_background.jpg
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/609ab9bba935810006923ea0/templates/63482c72c2dff51bdc2768f2/content/ Frame 5FA7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/609ab9bba935810006923ea0/templates/63482c72c2dff51bdc2768f2/content/background.jpg_1668425889803_background.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c8c21869d442e788b9ab4fcd5fba63de27e7b6d1ec511d27b633c9523652ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:31:26 GMT
x-content-type-options
nosniff
age
55409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13001
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 11:31:26 GMT
blank.png_1668425889803_blank.png
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62540ecfb3d115d67b86dcf6/original/ Frame 5FA7 		927 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62540ecfb3d115d67b86dcf6/original/blank.png_1668425889803_blank.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:21:45 GMT
x-content-type-options
nosniff
age
55990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
927
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 11:21:45 GMT
TESTING_BLUE.png_1668425889803_TESTING_BLUE.png
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b67a9358100069473e0/original/ Frame 5FA7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b67a9358100069473e0/original/TESTING_BLUE.png_1668425889803_TESTING_BLUE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17eba3ef8823dd7a29f9c217edb2feab54fc6bb5ab3759b43b325761e4d55d2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:26:38 GMT
x-content-type-options
nosniff
age
55697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 11:26:38 GMT
ATOL_BLUE.png_1668425889803_ATOL_BLUE.png
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/617923a368ffdde15f5d7ae1/original/ Frame 5FA7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/617923a368ffdde15f5d7ae1/original/ATOL_BLUE.png_1668425889803_ATOL_BLUE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:05:19 GMT
x-content-type-options
nosniff
age
78576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4452
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 05:05:19 GMT
FREE-CHANGES_BLUE.png_1668425889803_FREE-CHANGES_BLUE.png
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b70a9358100069475ad/original/ Frame 5FA7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b70a9358100069475ad/original/FREE-CHANGES_BLUE.png_1668425889803_FREE-CHANGES_BLUE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a601b0d09f6c99008ebc6a11074d8b7c3d07658aa3bab00b56358a51ea6f7657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:26:38 GMT
x-content-type-options
nosniff
age
55697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5116
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 11:26:38 GMT
logo.png_1668425889803_logo.png
s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/609ab9bba935810006923ea0/templates/63482c72c2dff51bdc2768f2/content/ Frame 5FA7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11027764/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/609ab9bba935810006923ea0/templates/63482c72c2dff51bdc2768f2/content/logo.png_1668425889803_logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417949&pi=t.ma~as.6208660382&w=300&lmt=1669172092&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1669172092258&bpp=4&bdt=728&idt=555&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&cookie=ID%3Df966468c1f21bd2a-22b3fecf76d700fd%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ&gpic=UID%3D00000b86211eed53%3AT%3D1669172092%3ART%3D1669172092%3AS%3DALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=663377632&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=910&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777506%2C31070968%2C44770881&oid=2&pvsid=2843744206474669&tmod=1440526577&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6ul7w0abq8ea&fsb=1&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe62c3f45302ba6868ea0e01f2ee5985893b406749a8371fe44a66394d0122be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/index.html?e=69&leftOffset=0&topOffset=0&c=cxZRQO0Vvo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:31:26 GMT
x-content-type-options
nosniff
age
55409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6456
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:38:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 11:31:26 GMT
Nunito_Sans_Bold.woff
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/Nunito_Sans_Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
714a28784e8adaaea2dc7278a01d9d05b28ca053190c596dd24b20601842d438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 00:29:10 GMT
x-content-type-options
nosniff
age
354345
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25908
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 00:29:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1245 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55450dd3fe4117d02269f4bcc9fef4a18ae8735289455f3dc43f81a146cdcbb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tEzb4CNL7YOW4w2iq0K6Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-tEzb4CNL7YOW4w2iq0K6Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:55 GMT
expires
Wed, 23 Nov 2022 02:54:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame 1590 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsui5Bw5v1N9YqbaLOB5q7UfZ-xjW0qWDTWLqqh3dEAsUbF63mM0qFDCnM00diVeTiqNKV6y3uCuE0k7ps4EgRXukq7Ny0GKCfMBjEQFv0v2oJ29Swf41u5rWVu5bMGo8Qmj2Ank2yWhH4ekk_tU1HLVt7cNPTNJmUZct6QuAEZLJblWF1skS2mL-eWDTwDRf3R9TPb2s5uzBZThkHZSmswS-z6UP3jO-XQL-zhiWM0H6D8Fm0IVLbMxrG_TfYv_ife8yi83OsduX_RV9DdfiEqIZJ5_2bRmAjCQdEFFCutlF6hunRoh3zk0jgA4MkhFwn6GtepFW73VLI2tBh0ia95N67m_yRkwb1uLBby3tF81Gvg1A6mAtBVOTv5Nhwvr_zd3q77JUlEqlHwBZqgXVmZs94gXbmZ9iEKl3ciAY1AH-jrEL_GpzH6qoezae-LNXDrAkJ1z5JxPTVN-oCfLOPhymSo8p1VsC8YbKs-OjniCc7-lUz4h_xy9LEc5uLD9afDiFbBE_x-Y5CJYHXqzMEk3ppCIHyevmOm2O5whdDgOSVXjDzFRnyiaT3oGogALU6ycraGRDRxUH53Fxq0yZiIeqy87s7jFrdcxZk2_A8zvAMU8YGC6yIVj1PT8LTyA8ZjYzljCWwP6pKPrXntazEDcHN18NcB6Qq5q-CKtTJEHuwRgY1kKTCj83eNAlSsatBjFBgrOork7owMKCM8wykrIrrlJg8tMQpF9qGV45T1qNpViGShxMWZGUDwiVwSO8XCJMPG4DfyP35pBNZmYok_vF7VISZYj1S8hq7JPjQ9JS5OmDqhAUSQRWGJME0JGVaMSpQ7BpuVYSVmdonjiD3YfPQFK8C5rfMryCW3NJOwqUrLd3Wfs_kmEZ0Fkw16syGg8PKoPej-AIxRJP96sM0W44LAVqMaWjTLtmUWEiZe-ivQx0CesD1hERl1xLtuJWME1GY-XBfZCGuYmGZgY2O8lXbXsj_ss5fktLhFIpi5ewcZ0xlJ7JKwBX2B4fSsZmU_K8RvFcRt5EHNvj3vUfA57ILR7bkVw1R-yfI_zrUe4nQjRPhCxdOS-xrE8H4jC_NDAsatCu8kw273K1TCdVCxkMavgjNobRPPsQAartV_kksOM75mY427ObUIdrGfpP1HyMqwXHhvtoURCMflJrEDrqjZcoefCGW_FkC72gvhtcOvvz4Z9ZMua5bMIBmSZeDvmcs5LYAYH3i1sZywI1zyisxh_Vb19bfhkcF2fMxhdZWOCSHs1kbH3Ze6_&sai=AMfl-YRiY23yibwr5pfKASy3doVG4ARjut0IgBW-sGq--9N5NJSAAo0PsRxPgDNgRNA8l3F46EObP-6ZpGaRidKPyl01RndUdjDqEIdf1CnI88rWcY-3q1z3vw-sYPlQqHyBk_7HRUZKxMTRte5dbvV_QmzYjLEruRQ8PbNhQzbbSKC6-OK8br6DKpiUgvcrFwOGGb70u1CatOUYXpm00YQ&sig=Cg0ArKJSzO9nood2_xLDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=968&vt=11&dtpt=704&dett=3&cstd=262&cisv=r20221110.09136&arae=0&ftch=1&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D91 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09e51ed5a577eba58559abf1c7fcc8667e59701c50f37d4f22a76e8ea9f6e8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11370
x-xss-protection
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame ADBB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1742 		289 B
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10858631&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
53d7124dc9dc690adfafcb93f1bcdfa0ba151f2f5d11893e190a49f68759c54f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 23 Nov 2022 02:54:54 GMT
content-length
289
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D91 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 02:54:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1245 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2870033142786992&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame F6D7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=zdorovia.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:55 GMT
server
Kestrel
server-processing-duration-in-ticks
1028421
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame CF14 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:55 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
ids
idsync.frontend.weborama.fr/ Frame 1742
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
via
1.1 google
last-modified
Wed, 23 Nov 2022 02:54:56 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
date
Wed, 23 Nov 2022 02:54:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 1742 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.167
content-length
49
expires
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame DEB4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
csync
sync.adtelligent.com/ Frame 8158 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 23 Nov 2022 02:54:55 GMT
Etag
10aebe5b331045ba
Server
Adtelligent
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 359A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
6694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 01:03:22 GMT
expires
Thu, 23 Nov 2023 01:03:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1600 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3fdfd345e3ed78cf17705978090e67853e52fd32f12c01e42b4c50667cdcaacf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WG35LRpNWRDXbs5GBzFS6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-WG35LRpNWRDXbs5GBzFS6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 02:54:56 GMT
expires
Wed, 23 Nov 2022 02:54:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EEF 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbooXfot9Y_SAB9yE9u8Pm-iRyA0AAAAAOAHgBAI&bg=!LS6lLmrNAAbvMpMzzzI7ACkAdvg8WtFiV0HuOmF8_yXeiO0t6M3GxjH9X9eyIUx1CNDWCDHAWjVFyAIAAAGdUgAAAANoAQcKAEeYu72fUKOhaTwQLV50cpEWCBbIq3qAKlIehrNszvJanV6jJplnk7po3RhFMEx7vHGRLBKRBAwG_jQeggv9_ss_JvG04vRFmpkDBXADfQ5237rHjleg9rcuBUToCHP50qZgRfN3Ffn8sKmG3go3GPvT0nWIzX-O00am2JgSrukhSsGHVccVaiNswX7IkKkTx0hx7BCTOdIEN3evmr5H1J9zN6vQTyiIe_uXLhzP7YWdWDLFYMnbdxSf5g-F_eyx-Wu4EnuIthD2Ph3yevPwUoYx3u5P5Up3Z1_bsOmEtA55HvjMb6dUUiMG7VdCsoL6q0A2Z9qyySlcuzLuhs7JRhi82P5tzqdSTdFCHc8JY-I5RqewZeANtMi75ufmoTYjQLTqtWjaA-ZTPy57QgGKu1lLydsLChtHQORha0CN35YuQSB1L6sR_poApN_Ls0rF0k5zaENmBUSCLrW3iJ91_PvwJ0blfPAoj7FeJWThOHqJKEdHK7PQ5MZg43_zekTA6oDIEiBe-MNq70OzZ8dgkMWvjVfTHF5yuxLx7H8fn7_FDa9MYUv385Jnq3oGnAn9t2HhTHvZNG9TEkpvOZPlPKlj-RsqMlpIBqcp88wohkp8FlCbPxlvpWnHrwQtV1gMqcT-JuozzrhIqvjDyzH_MSSlPVhWBGt86YzWV7qWeH7YWi-80S45YxH3yApD7tq45nt3koa8lNoEwN1ixKZgWSN15RGdX8Vryl9b5IjftS7_tDwZd6hHlfTcYDiKK0uWwjM5HmL1Pj8_lcIdMKB9EvLRPtusWSGeSeatl9ywI-uzb5-5Drlj_BMccsCB55kjMg0DQjAkS1AgJCBrhRlkKG0OSafeeqYVKpxTRXscH_kHQDZjR9zhVFYoyKjkdtG_fWVsep6j8idIHJbsMURCJiA7F5o4BW9rgSC7JBLAK-vW52YkbRTEmHED0Gl2mZcJzdJVD1IW_ZB070kbH20QuMVU-0Ea7hBoibD4zzlgk3mFxsC8yxz9j0C8GRR5ud3hIWmayOWFuVS0OPzKgbPpZEWIbpo2rlbQTI5U8V7QIWAO0LTNnuAE7wSDoXv_yx78JglbM5HCOuKPQ1oiZVo3Tb_Sz7M789_E2Z5kzu4Wbx_S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D456 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKsGR_YlBdt4zLmeQgD6cW6piIJxN_CHgRD7SpRR7eVxDMDhhaXivvwF35rdXs4PnzN7DtUT_J5535oRh9QcMPh2CwaNefHaI5ahMd24YTO11DYN7QtU8i8JcJSwbk1HLA1Mj1hg&sai=AMfl-YTjNXehn56oOSkR159SHqHUbnVegIOotLWhG7FSqwVMpN0un-e2CCBXtv-b6bcweyTnyTJgfSFRmydy05_oOa1OALRYFdwNOQrwqE-ZOcg-0pwcx9sHKozliTQ9gVo&sig=Cg0ArKJSzM0gaaFfvo3LEAE&cid=CAQSPADq26N90Rgt0PB0E41A8QMkwOj86FapGqosC4U7X1YJJqHDBT9FVuu7_IcGWZ5Ycfz3X4NN8vA68fFkvxgBIBM&id=lidar2&mcvt=1014&p=0,0,250,300&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2159672584&rs=2&la=0&cr=0&vs=4&r=v&rst=1669172092832&rpt=2286&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame F6D7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zdorovia.com.ua&sn=ChromeSyncframe&so=0&topUrl=zdorovia.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=3_7T73xiTk41Z3IzbS9mMGx1U014TFdPWC8yNWhPaytkaDVoSm9KWlYzdlpnRlhPYW1qNDEzVWVlVExvcE1peEEyL2ZqYnRtckR4cTZ4bDZPakdITVVjMDNwNy9HZHE1RnJZNnBCQTFRcll4V2FzNXBTQlkvNTRtcXJjeU...
427 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3_7T73xiTk41Z3IzbS9mMGx1U014TFdPWC8yNWhPaytkaDVoSm9KWlYzdlpnRlhPYW1qNDEzVWVlVExvcE1peEEyL2ZqYnRtckR4cTZ4bDZPakdITVVjMDNwNy9HZHE1RnJZNnBCQTFRcll4V2FzNXBTQlkvNTRtcXJjeUJ4M3BMYkxUaldjOWEvMUZRajcydmIwZGlKdmhVV0ZCZDk2clBuZDB0ODY1K2pvWHo0bzg0QzJkTFozazZLTDBwSW03dTkwUEpiT2k5a05YV0p0YlQ2LzZNaW90dG5qdkw2dTBsRVhVajhlM3Q4ZWhncVVhWkdiajlYaFhMdHB0T1paRGhOelhOS1F3UlNCMjRKUlVMSjZyUHhOdXFBdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89e8415fbb63c06d0a5f9d2f6e6abab9e383f6c2d3d69d3deff7d82df1c6e0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2269623
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3_7T73xiTk41Z3IzbS9mMGx1U014TFdPWC8yNWhPaytkaDVoSm9KWlYzdlpnRlhPYW1qNDEzVWVlVExvcE1peEEyL2ZqYnRtckR4cTZ4bDZPakdITVVjMDNwNy9HZHE1RnJZNnBCQTFRcll4V2FzNXBTQlkvNTRtcXJjeUJ4M3BMYkxUaldjOWEvMUZRajcydmIwZGlKdmhVV0ZCZDk2clBuZDB0ODY1K2pvWHo0bzg0QzJkTFozazZLTDBwSW03dTkwUEpiT2k5a05YV0p0YlQ2LzZNaW90dG5qdkw2dTBsRVhVajhlM3Q4ZWhncVVhWkdiajlYaFhMdHB0T1paRGhOelhOS1F3UlNCMjRKUlVMSjZyUHhOdXFBdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
294181
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1600 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1999659876815096&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ED2 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BASHofot9Y6G2KJOPgAfdlr34DQAAAAA4AeAEAg&bg=!i4iliMzNAAbvMpMzzzI7ACkAdvg8WhsDxHjZzEuF1hjd4dkRi8fPwNAi1LpeWgXBLMBjfL2adqlIsgIAAAFPUgAAAANoAQeZAwS3m5c6Nxbr2aXgUod5wmOFTy-a-KIENqITIZUPzyWXJb5bYIMCDoMuOMwn3ApwmBLL65ob4m8MnZTzOtyhoUznoT8wQ17Y0Y2yID8nr6-1mZ44PXdjXZrhS-4AxZwdJnyO4wVNIB5FL0_XSbve9lsudtoabNeHhbEfhlvsOsH5YMbei93r3GGRsYhH6g9zJm2FtIwmsytrGPTI86f3rYj_6vEKizQbpL8fmdxKf-gqMO1kNJkpKiFzwK3cRltlmVVN9mDHj9whBufF4Qz1TePtwbdDbaQoIA3xcSEnyPQunLnJqIviL0uVkuy77rUyx3K5NVuySrBSyjm-nbIIHleXF7xBsj98b_t3VFAZwnVtO9upqvfMsJz1Pb0i3ErOULCco6TBtUskfMKXnyEkUdrQhu07xBGuFIkynRVWYLbdiRzRG3kF6uoAzFA8cfsLICIKXhSJNf0d89RzF_9DyUBh5SojbogNADe04_WnL-EwiWzVlfpF2nyKBJBwkZIHJyosYvB_eQ1H8PTJqia3kFXY5sF3mYTCdBG8VAdTvYDt8zNz3LFQt215T9b1gyotiA6kcLkKZxAcFbN2AXYJdZ_eTPAoH9LoeFlbw1vBjD-sINAETzr0Sg1u5zOb3dqaIIDb2UmXMhJScqbRYl4Tdo6DUjKPBOG6Qt89ovyKO-usgYP9fuzBBKDHZL2dZWRfYiKjvmmFLnk2RJfcpktz64Xtz4jUElG94rirlZP9vxYQRlCuWwqVbc8-zFosTmHptEt3dGgwNaitRMmEWf4GK9hpj1vK6WzxIGBKGI5CUFXm1JskA4OVrap471tfol0XiSLFuIUueQwxpEBpCYBujKNtH4CSQJX60Y7JWVKMtmSYW0dgT1NLYF1bTZyfERpfvFwTpKp9cW_3rhmXbYlsaahdHjuJqhzr6TVlJlO7HJ8OmWsOCmWpq2RHdSwp_nOAiEZoXv_GAoSTDOVfAZl1sLb1r2b-F9JscPu_yI_-kfbSGWn6iI5Cfxy8ulVKOnH8aIUyhXNL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 02:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 359A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 00:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 00:22:18 GMT
generate_204
tpc.googlesyndication.com/ Frame DEB4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1KE52w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 359A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3IZLYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
um
u-ams03.e-planning.net/ Frame 1D0D 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=b2fa57c77b829b93&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Db2fa57c77b829b93%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:56 GMT
server
openresty
um
u-ams03.e-planning.net/ Frame 5B93 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=b2fa57c77b829b93&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Db2fa57c77b829b93%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:56 GMT
server
openresty
sodar
pagead2.googlesyndication.com/pagead/ Frame 9470 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2870033142786992&bg=!rq2lrenNAAbvMpMzzzI7ACkAdvg8Wohn7nrc1Yx-qKEv0Fg514q9DkJqb5VFvy_s5MopSUjp3lMmJwIAAADQUgAAAANoAQeZAuNbnsRFxv_BSmLVQ2mPG6oAThBo57pWr9fmImQpQh2cOQYDW9hw4poMsGpOLITgFAwRfxUqK4hFcHahV7kmDADsSq7ThbGNmkrI_8cryuVh86ZsqhmE24AhDfUVcmEDBZY4HIVi95uJm_cNp5U-hDO459QiTj8LTCNasxiKic6N0vSDxX3MXXllETdRn2-y4GQjtSXxLDJgwTdL06ZRzQVDYNvADB9IU-Zl_7hy1L6YkQ2ctd1tiIU2VQx48bWS8-YR0Ywh1PmsB8X7lEoqu5rphAQnnqSC97Hs-OMGQtRYbMXlVbBFyOIsUWPiwBsAno3C6b1QamJ8GDcpPWnt8_ExAw5k-5kZaq2Hzz-N3xM-yxyyAg4HN4vCPfygq0JXAzBqup16qhJF-k1tCrwoenXUedXK4pxVE9pClBIU5VDJFEONlNRO4kOmcoVBulUFo_EAL8W8rvKyoFPJXYZQFCtztTTbFa_9dPsi5dC17i-o9kC7QiJK6gXKib-si5seiPYO67fCuwENwiHMFb_T_lb171LsTJoHbLE_SK2IwdV7jmK5dS-qimWcX9NH7fImrIA_pn6v1RUwPsOwQvCnebdVyfNq88ZN68Vp8LQm7NzQ6vtLflnZUy2JcTBh64VJjDa2XYcqastsQYR603JlD4Fwabm9AulqmaDQf9ysjj2PVrV2lmPTqFdv49G1sv530brQb1PWIM9rhnyFu2jQCBqsgf7XIT3bzJrzJHEh7LFmZfxP9F_gfgmcOY_1mroJUhRIgoWPqdL6QID5FWpJtQTfytE1QjW7uFOcrS9neX5GHlyasH3AR1xWovBFFOLDh0JylFPGpGEJLe_Z2NWAqSab5nSgy8PmMbndwC9YEIZUg8z1IyLky9G9SeMhXfJyr50pot3sq7I7B48MTJoGS8fGDG9dpBL5zr7x704OsAHw9CWZkxj2eUkefcwhDV6mpnfqz1IV9z_YbEjqX1rUMdYEjDO4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3D91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1999659876815096&bg=!goGlgcXNAAbvMpMzzzI7ACkAdvg8Wlp2Hv51l_2Klg3weRxI9Kkbhfic8wvHmRWDELsuG_TFM70PggIAAACGUgAAAANoAQcKAEfy8Yphk2ty-D0dbsG5qKHg-HBWKQPCtN4rQPBvrRNeYAI8MhhNXcSdIFQENBiPeVYXL8DtgTWcjb4Z9mkg0FpuYcsGnpMP7ZkC0RnfKztNjC3tZVF6ea2wfX4EKrw0ya2tbEqQwVfbY_DIYh3xnCP8t7f0LdzkW3-lwD9AkFvk48bL4CaCzzy3attxgEW3rMmJ1mKNBOEN4v6uqUEpyOkSrAWdlahGvmfwePjfen_7lFA9b-7XP_Oh3gvk_Lquv5VMaCeH9F3Q3tiCaZzdUtLwVoPxdoXWC9l3s4MJ-6SFxt_XToRuC10yRw8O1De3RnIHOYXtiJMYnItZEnG42oGkNbWu-_h-0tYwboY3Nd0-_G2Pb2q1nBbCLfYOJGwy_hIAEDjycmMPPe0_3m4uls5btjjoKzZfqT4PGSBDctLNv7ka7oQmUGqCbWiDuJjMqI7Heykbh0FsuLrbJIVO-SOFpTe6FOXqE2ygzUfRVtbIdOga9Yu29kbz0tNeLx1HrKSajcFxEtaYCwUElDqWRKJyqCnG5zDnD_n8ppfl2xOiYTIYwQNGmKTihvryVlVZz0YXFmgEQgc8WWtir2nGeiS24dDBT4txBa_5hhvwTd9sW-ci-TlDestBjw6XYMxk4hxBEJkZhEWajRSEsjpS-geags_5njpiMTSjZpSSB-yHwQVv3jnirjYd98mawF3owFVAdP9FpUDzRSFoAW5fTUruE79hbX1blXzw6XDMkghol7v1jQ313VckE0ssUlWeyItglgLZkbDHbXncMgq4AEwJyG2nvZsBuZa0Reslq_KgA8qyR-Lfb83OFZQeny-_LjtsUFaDuFd9PLTP7rKmJ57dIp1O-3Gfp4pVpB_MUfGJplHRIDBI8c_cdfENX0fTWndyU629PRgK8aAmMFy31W43TJC8wt6d0iQYFh8sG7mm3nDK0Hki3bQ0nqK19ix6yKQij_MJD3GJf2sMQFH8h0EkxtfyY1e854WmA-Y64O7ycmVp-ZCV4KelXJ78BOQtAH6fO4cMzGR3E_AFW1WhW52cor5PSLCh4KXU_uI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
um
u-ams03.e-planning.net/ Frame E8AF 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7a666ecd51ae352c&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7a666ecd51ae352c%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:57 GMT
server
openresty
SPug
simage4.pubmatic.com/AdServer/ Frame C241 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
um
u-ams03.e-planning.net/ Frame 6C72 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=7a666ecd51ae352c&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D7a666ecd51ae352c%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Wed, 23 Nov 2022 02:54:57 GMT
server
openresty
Aktiv_Grotesk_Cd_Black_Italic.woff
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/Aktiv_Grotesk_Cd_Black_Italic.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef982e31e2efe3284c0e33d1dd5843633accf6c7c97e27cab254520cad53822a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:53:04 GMT
x-content-type-options
nosniff
age
396113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27796
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 12:53:04 GMT
Aktiv_Grotesk_Cd_Medium.woff
s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/ Frame 5FA7 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/Aktiv_Grotesk_Cd_Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
322283ad195555b16f6338778f94914cc68906f495fa00ce0bf29ae731ea6cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11451833700682039296/300x250-First%20Choice%20-%20Aktiv/fonts.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:53:04 GMT
x-content-type-options
nosniff
age
396113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25476
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 11:17:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 12:53:04 GMT
event.png
tpsc-eu3.doubleverify.com/ Frame 6026 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=e87bac3d20b74e47b072015aa3ec85be&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=162&eoid=12&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=10&msltms=94&vltms=162&sei=289&vetms=207&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=12&isumms=11&nvr=6&isgmmims=12&isgmv4mims=12&elmtp=1&isbxdms=2412&b0=100&b11=2558&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2658&sftb=2658&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=977&isuiabvms=977&isgmpims=194&isgmv4dpims=977&ispmxpms=977&engalms=11&dvp_dpr=1&ttfurm=3375&cbust=1669172098134699
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 02:54:58
event.png
tpsc-eu3.doubleverify.com/ Frame 1BEF 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=dbceb9e0754d44d4893e51cf10923c0b&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=324&eoid=11&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=11&msltms=65&vltms=324&sei=289&vetms=271&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=47&isumms=46&nvr=6&isgmmims=47&isgmv4mims=47&elmtp=1&isbxdms=2648&b0=100&b11=2774&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2874&sftb=2874&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1000&isuiabvms=1000&isgmpims=231&isgmv4dpims=1000&ispmxpms=1000&engalms=45&dvp_dpr=1&ttfurm=3632&cbust=1669172098298220
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 02:54:58
event.png
tpsc-eu3.doubleverify.com/ Frame 3239 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=b8ec0a2160c647a78ab23855358f8d48&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=113&eoid=12&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=10&msltms=65&vltms=113&sei=289&vetms=159&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=10&isumms=9&nvr=6&isgmmims=10&isgmv4mims=10&elmtp=1&isbxdms=2309&b0=100&b11=2377&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2477&sftb=2477&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1025&isuiabvms=1025&isgmpims=148&isgmv4dpims=1025&ispmxpms=1025&engalms=9&engscrlms=149&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ttfurm=3277&cbust=1669172098620547
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 02:54:58
event.png
tpsc-eu3.doubleverify.com/ Frame 2F3A 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=508621ccf2d742e3b070fb12e09bac75&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=121&eoid=11&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=9&msltms=62&vltms=121&sei=289&vetms=180&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=11&isumms=10&nvr=6&isgmmims=11&isgmv4mims=11&elmtp=1&isbxdms=2310&b0=100&b11=2409&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2509&sftb=2509&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=921&isuiabvms=921&isgmpims=162&isgmv4dpims=921&ispmxpms=921&engalms=9&engscrlms=162&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ttfurm=3308&cbust=1669172098681977
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3225.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 23 Nov 2022 02:54:58 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/22/2022 02:54:58
6eb717b268c5f405b54f89e251f8be7a.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/6eb717b268c5f405b54f89e251f8be7a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2978795306681093372/b8c0d930a427dabae239f7414570f3f0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d5e2508552270d4e4a199fb5a520d567c17f0d9bb4d66669f36b2be2f637c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 02:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 02:43:14 GMT
9b452d01458672910e7d5563cf627a12.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/9b452d01458672910e7d5563cf627a12.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
638da68d1a997a598941305c443568296ea3ddca5403770f4957e77c89176182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:57:56 GMT
x-content-type-options
nosniff
age
590223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:57:56 GMT
8757899ed78b540d7a10e2090524ee29.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/8757899ed78b540d7a10e2090524ee29.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03ce3d833cdc7cb662b4af5266d43554fa0d3a9beaa08a2c2ce2add99ba651b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 12:56:20 GMT
x-content-type-options
nosniff
age
482319
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8009
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 12:56:20 GMT
425fe9df5aeccd76555df3bc4e1306aa.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/425fe9df5aeccd76555df3bc4e1306aa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375219458230d32bb6cc873daa53643fd9e4cccfb515abb9cc54f51c84dea2b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:27:50 GMT
x-content-type-options
nosniff
age
365229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8670
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 21:27:50 GMT
6b665cec6cfb91f1db319fda16726be0.jpg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/6b665cec6cfb91f1db319fda16726be0.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e892ca68c6d486d8df7cabfa1a525c6e4490726084b9007ec88bd933d3d5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:40:19 GMT
x-content-type-options
nosniff
age
94480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6784
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 00:40:19 GMT
bd3d744a6cba6d757b2b86850623f2db.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/bd3d744a6cba6d757b2b86850623f2db.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ae7ae6d0abe5b5ec86f36b1e74902602b727f21d836b64734e0e374ea0b9dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 06:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2606
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 06:34:07 GMT
8ea4d88b002cd3da4d83f594d6574921.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/8ea4d88b002cd3da4d83f594d6574921.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d4b840badba266575f6b5aa1e3a4a74e8aa3a440ca025627a9fb892f006aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482315
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1201
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 12:56:24 GMT
4fc5eb7c95b5e90833514e0f29865ed8.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/4fc5eb7c95b5e90833514e0f29865ed8.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e529d34dab4cc363863f9184f1efb466d358086d0340e007693f881ecdb174df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 04:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1661
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 04:08:22 GMT
d64d1f761015f0967b66266f5b72afd2.svg
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		2 KB
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/d64d1f761015f0967b66266f5b72afd2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5bf180d1a30434f545450f12ec490ab2b9c3004d8e13734e6a85da254e6c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 10:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
928
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 10:11:14 GMT
undefined1xx793
s0.2mdn.net/sadbundle/2978795306681093372/ Frame DB39 		43 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/undefined1xx793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:59 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:59 GMT
ebc7f90c8252dbae677e75dda82e94b6.png
s0.2mdn.net/sadbundle/2978795306681093372/media/ Frame DB39 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2978795306681093372/media/ebc7f90c8252dbae677e75dda82e94b6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d34527022d24611ac8cbff100361bc8db60c3ff26a1100e06e3d24039685f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2978795306681093372/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:57:42 GMT
x-content-type-options
nosniff
age
428237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5324
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 13:57:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:57:42 GMT
6eb717b268c5f405b54f89e251f8be7a.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/6eb717b268c5f405b54f89e251f8be7a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18030282549340789940/4934b96fc7fa98ffb2141efaaec5c7a3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2d5e2508552270d4e4a199fb5a520d567c17f0d9bb4d66669f36b2be2f637c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:06:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431281
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:06:58 GMT
93b0b6b309eab173165b6110fb0a2637.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/93b0b6b309eab173165b6110fb0a2637.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8e5941c51bb3df3352c89721215f1d518984cba8fefd2048a37988da2dea241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 07:58:57 GMT
x-content-type-options
nosniff
age
413762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9593
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 07:58:57 GMT
1b450c0b0ec98137ad2ae2e4ead815b1.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/1b450c0b0ec98137ad2ae2e4ead815b1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bde7c766dd93dbc350167dc63decbf345b851acdecff00f7466e55dd319e71b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:17:34 GMT
x-content-type-options
nosniff
age
592645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6332
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:17:34 GMT
931ffbf4c615b84c2be84553c31c8c28.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/931ffbf4c615b84c2be84553c31c8c28.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29fb339b41ead4b4ebb877e441fcb4d3b706002446150d1774a35584f02af981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:17:34 GMT
x-content-type-options
nosniff
age
592645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9015
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:17:34 GMT
6a109eeb2adedf390186147dba7f3df0.jpg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/6a109eeb2adedf390186147dba7f3df0.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b196da55a321ca277688ffe8ad59490c8738ad96b17d9752992c8bdcd39468fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:39:48 GMT
x-content-type-options
nosniff
age
346511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10317
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 02:39:48 GMT
62751c1ebae0f571720ab09dcb75f4cb.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/62751c1ebae0f571720ab09dcb75f4cb.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9eb72021ef29dc13bdc410152cd7c2003983bcedbbdae64d5be142eeacab9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1024
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:07:02 GMT
201d58261302a7312c03a4839eede1c5.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/201d58261302a7312c03a4839eede1c5.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637fbbe914cdf6168600483b3686c9a57bb5503f2fe8ab8cbc03e39948920127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 06:17:38 GMT
538fc49cfa80a0b80d06024a8ce63c82.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/538fc49cfa80a0b80d06024a8ce63c82.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1da3001c1d7484341e80948c4a269ba4036a4e8df423b246b557db27286fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346506
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 02:39:53 GMT
322132e56165ff49c987dbe2a797e06c.svg
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		2 KB
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/322132e56165ff49c987dbe2a797e06c.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1edd2056130bf39592f7afd73b29e6f61e96d4516e3a17049497f6cf7087c815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
929
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:07:02 GMT
undefinedd7d73w
s0.2mdn.net/sadbundle/18030282549340789940/ Frame 6BC4 		43 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/undefinedd7d73w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 02:54:59 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 23 Nov 2022 02:54:59 GMT
5f8a79cd841d43acb8300835194b3a91.png
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/5f8a79cd841d43acb8300835194b3a91.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7cb14fe4c16904e02657276e33531299092b2bf165bafca51409da607cd470c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 02:39:53 GMT
x-content-type-options
nosniff
age
346506
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6058
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 02:39:53 GMT
2073c6a262ecc5134b0754512a0a2e7f.png
s0.2mdn.net/sadbundle/18030282549340789940/media/ Frame 6BC4 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18030282549340789940/media/2073c6a262ecc5134b0754512a0a2e7f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78a1ec728879bb4073d33280a1649cddadd24b1890a5da83323731380a1a5ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18030282549340789940/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 03:07:02 GMT
x-content-type-options
nosniff
age
431277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6429
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 08:41:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 03:07:02 GMT
tt
a4p.adpartner.pro/ Frame AAE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=b396dead-d407-4521-bd1c-20b0ee5894fe&session_pageview=1&session_id=d983296b-ba03-4194-a396-ebfa56b4b876&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.35508495829612663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 23 Nov 2022 02:55:01 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| _gat object| gaGlobal function| HELPER number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding object| banner1550_92005143690506380 object| admixerJSONP object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| ap_br_img number| k object| hb_dmx_res object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo object| Criteo_132 function| html2canvas function| _open object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

163 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: d364e212501d4e3d804c2267b01abaeb
.zdorovia.com.ua/ Name: ngTrackID
Value: c1aae7900a17fcb0f991a7253a153e2a
.zdorovia.com.ua/ Name: PHPSESSID
Value: nvjakjro91gsrkthr276i2egr0
zdorovia.com.ua/ Name: b
Value: b
.youtube.com/ Name: YSC
Value: zCCDi4UeQc4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: yUYiqMhtcBI
.zdorovia.com.ua/ Name: __utma
Value: 148597372.1022265231.1669172090.1669172090.1669172090.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1669172090.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1669172090
zdorovia.com.ua/ Name: session_id
Value: d983296b-ba03-4194-a396-ebfa56b4b876
zdorovia.com.ua/ Name: site_visited
Value: 1669258490.1
a4p.adpartner.pro/ Name: apuid
Value: b396dead-d407-4521-bd1c-20b0ee5894fe
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: FTID
Value: 1ZVOjw3bf28R1ZVOjw001MhW
.yadro.ru/ Name: VID
Value: 1iZjdC2DdCuR1ZVOjw001Mi7
zdorovia.com.ua/ Name:
Value: store.test
.admixer.net/ Name: am-uid
Value: d364e212501d4e3d804c2267b01abaeb
.ads.go2net.com.ua/ Name: am-uid
Value: d364e212501d4e3d804c2267b01abaeb
.creativecdn.com/ Name: u
Value: wTexWmdAG4YFBWa8Ajjx
.creativecdn.com/ Name: ts
Value: 1669172091
.adnxs.com/ Name: uuid2
Value: 3740268398524048266
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
ads.us.e-planning.net/ Name: CT
Value: 1
.adx.opera.com/ Name: UID
Value: OPU59f8c11a9fbc4eb29d7cad9b3271e5ac
.e-planning.net/ Name: E
Value: ADAxld9Q1WPJ3fmG
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBHuLfWMCEFvsAteZgyjvY1LCJ_uGwXUFEgEBAQHcfmOHYwAAAAAA_eMAAA&S=AQAAAnK03JZXRaSHwANHVeK3DG8
.bidswitch.net/ Name: tuuid
Value: 9e649be7-33c8-4031-a1f7-94900454b0f2
.bidswitch.net/ Name: c
Value: 1669172091
.bidswitch.net/ Name: tuuid_lu
Value: 1669172091
.exchange.buzzoola.com/ Name: uuid
Value: c2c51052-ca07-4dd3-6c29-ccbb517356ef
.zeotap.com/ Name: zc
Value: a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
.adform.net/ Name: uid
Value: 8510913750865436768
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: bc75d50b-8dab-5247-a8a3-d173cbde5a08
.betweendigital.com/ Name: ss
Value: 1
rtb.com.ru/ Name: as-user
Value: 637d8b7b05f70871e6834211
.tapad.com/ Name: TapAd_TS
Value: 1669172091643
.tapad.com/ Name: TapAd_DID
Value: aa0c1ee7-0a31-45de-aed6-81240d8b4d73
.adfarm1.adition.com/ Name: UserID1
Value: 7169039542254237838
.demdex.net/ Name: demdex
Value: 69322004840513710122150382449058956049
.scoota.co/ Name: tuuid
Value: bf160c69-9d66-4d7b-9c0f-dbedc0395ec2
.scoota.co/ Name: c
Value: 1669172091
.scoota.co/ Name: tuuid_lu
Value: 1669172091
.casalemedia.com/ Name: CMID
Value: Y32Lexf10MiJyhZhOhh3aAAA
.casalemedia.com/ Name: CMPS
Value: 705
.casalemedia.com/ Name: CMPRO
Value: 705
.weborama.fr/ Name: AFFICHE_W
Value: O6bvPRffZTU729
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.dpm.demdex.net/ Name: dpm
Value: 69322004840513710122150382449058956049
.tidaltv.com/ Name: tidal_ttid
Value: dab3b1b2-2ac2-42a9-a26e-a62a2a3e5af4
.openx.net/ Name: i
Value: 647f04bd-58bc-4e89-808f-3c99d70a10a1|1669172091
pa.tns-ua.com/ Name: uid
Value: ZF2D8EBCEF664007890F3520B12A7E92
.doubleclick.net/ Name: IDE
Value: AHWqTUkqcSq3AWvz8K0LTV1q1sQP75dsZIe87BB68QIUrx2uGhvk8aLuIMS6264lY_I
.lemmatechnologies.com/ Name: uid
Value: 3381dc13-6ada-11ed-b3f8-801844df0ab8
.360yield.com/ Name: tuuid
Value: 88369634-aa65-40f3-8724-867f5258950b
.360yield.com/ Name: tuuid_lu
Value: 1669172091
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjY0sDK0MAIA+T36RgkAAAA="
.agkn.com/ Name: ab
Value: 0001%3A5eO5wZb76c%2BV772vuJjDW9k0Q9EnknTA
.adtelligent.com/ Name: vmuid
Value: 10aebe5b331045ba
.krxd.net/ Name: _kuid_
Value: PNxge8NR
.fwmrm.net/ Name: _uid
Value: "h803b_7169039542241855626"
.richaudience.com/ Name: avcid-zeo-uid
Value: a62ab6c8-fec4-4a23-5437-6d3421c0e7d2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y32LfAAKFdI0aAA7
.betweendigital.com/ Name: ut
Value: Y32LfAAB6Ej6jFc8XCHElhW-k9nOrIHNvflbFg==
zdorovia.com.ua/ Name: lapuid
Value: b396dead-d407-4521-bd1c-20b0ee5894fe
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.adtelligent.com/ Name: a307558
Value: b396dead-d407-4521-bd1c-20b0ee5894fe
.adtelligent.com/ Name: a584890
Value: 3740268398524048266
.adtelligent.com/ Name: a297253
Value: 3740268398524048266
.adtelligent.com/ Name: a309255
Value: 8e0db42b-48a4-4297-b1d5-34643276e1d1
.adtelligent.com/ Name: a307971
Value: ADAxld9Q1WPJ3fmG
.mathtag.com/ Name: uuid
Value: 9cce637d-8b7c-4800-ae67-3b9c2047dcda
.simpli.fi/ Name: suid
Value: A6E0864F3955409AAE0AC8EBB77074AF
.quantserve.com/ Name: mc
Value: 637d8b7c-48903-9b15f-b8c5a
.adtelligent.com/ Name: a289656
Value: 88369634-aa65-40f3-8724-867f5258950b
.adtelligent.com/ Name: p440467
Value: d364e212501d4e3d804c2267b01abaeb
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n&KRTB&19420-rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n&KRTB&22979-rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n&KRTB&23403-rUDV3qMR1dm2R9qDq0DPg_lC19y2EdrZrhIHq_5n
.de17a.com/ Name: guid
Value: 1.7141305549775566278
.adtelligent.com/ Name: a558003
Value: 1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFdZnj6DEk_DXw2CJZHfttM&KRTB&16514-CAESEFdZnj6DEk_DXw2CJZHfttM&KRTB&23025-CAESEFdZnj6DEk_DXw2CJZHfttM&KRTB&23386-CAESEFdZnj6DEk_DXw2CJZHfttM
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3740268398524048266&KRTB&23339-3740268398524048266
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:36e6637d-8b7c-4200-b477-a05274394952&KRTB&16736-uid:36e6637d-8b7c-4200-b477-a05274394952&KRTB&23019-uid:36e6637d-8b7c-4200-b477-a05274394952&KRTB&23208-uid:36e6637d-8b7c-4200-b477-a05274394952
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8510913750865436768&KRTB&23263-8510913750865436768
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7141305549775566278
.console.adtarget.com.tr/ Name: vmuid
Value: f88ebb0c6ebd2ec3
.console.adtarget.com.tr/ Name: a738101
Value: ${UID}
.console.adtarget.com.tr/ Name: a307565
Value: ${UID}
.amazon-adsystem.com/ Name: ad-id
Value: A_fC6a64eEJMiL7Mz7l5CeQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.console.adtarget.com.tr/ Name: a307080
Value: wTexWmdAG4YFBWa8Ajjx
.console.adtarget.com.tr/ Name: a307457
Value: 8510913750865436768
.onaudience.com/ Name: cookie
Value: d3ac1de4f69aa85b
.onaudience.com/ Name: done_redirects161
Value: 1
.zdorovia.com.ua/ Name: __gads
Value: ID=f966468c1f21bd2a-22b3fecf76d700fd:T=1669172092:RT=1669172092:S=ALNI_MbxLjDH9BsH-ncOtlGFqPmHIHUxvQ
.zdorovia.com.ua/ Name: __gpi
Value: UID=00000b86211eed53:T=1669172092:RT=1669172092:S=ALNI_MaxgCLLG6BrkRDm3aXhGq6BAbnv-Q
.adtelligent.com/ Name: a318342
Value: f88ebb0c6ebd2ec3
.mfadsrvr.com/ Name: tuuid
Value: 339cf93d-b6a4-48d7-b9b9-ae93c2e389eb
.mfadsrvr.com/ Name: c
Value: 1669172092
.mfadsrvr.com/ Name: tuuid_lu
Value: 1669172092
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~28g2:19ah~28g2:18z8~28g2"
.nrich.ai/ Name: _nauid
Value: 589c8d80-bc6f-4a24-9155-6b69c32c5d85
zdorovia.com.ua/ Name: session_pageview
Value: 1669172093.3
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il`rD6O-!]tbPl1M>e)ZlrFUfJ+tGXxouShV(NF9j9lS3S4TCx2A][-i!FYZRP=mj)5i3If)y3KL9D3I?+d-zAEL
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1669172092
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9e649be7-33c8-4031-a1f7-94900454b0f2
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: mf%E7%90%D8%19n%A6%2B%FD%0F%A9b%0Aa%D2%BC%1E%05%83%AFh%D4%91%13d%86v%EDN1%60%3F%A6%DF%F3N0%1A%EF%C3%B7%D9%97%15%AD%25%E4u%D0N%FFR%BA%EEU%B5%A2%FC%99%0F%3A%DE%94u%9Dm%FD_%FF%85%18%97G%85%80%06%01%A1%E9%F1%0E%A2%9D%90i%A3t9%B5%96%EE%A0%04.%B7%5Ef%D0%16%81%8D%AD%E2%F0%18%DC%E44%07%9F%FD%F5%DF%9557%07%7C%AB%3E%27%84%ED%3FJ%A0%E2%15%0DA%A1a%87G%D4%AF%F5%C0%14%1B~%83%03%29%B4%DE%C7G%2F%ED%FD%CD~%1C%A4%DE%EA-%94%09u%3CH%08%E1%CD
.eyeota.net/ Name: SERVERID
Value: 23794~DM
.audrte.com/ Name: arcki2_adform
Value: 8510913750865436768!20220908!1669172093339
.doubleclick.net/ Name: DSID
Value: NO_DATA
.audrte.com/ Name: arcki2_ddp
Value: CAESEFX3m4Qoj4vZ4RlTWtcoaW0!20220908!1669172093464
.admixer.co.kr/ Name: __auid
Value: 3f675d511532067017d4323fd93edf53
.admixer.co.kr/ Name: __puid_103
Value: d364e212501d4e3d804c2267b01abaeb
.admixer.co.kr/ Name: __id_utm
Value: 20221123
.admixer.co.kr/ Name: __id_inf_103
Value: 0_d364e212501d4e3d804c2267b01abaeb
.audrte.com/ Name: arcki2
Value: 27m1joTTsX7SV2yOh-iFTv-VQ!20220908!1669172093695!ip#217.138.196.100
.quantserve.com/ Name: d
Value: EK0BDgHSJ4EO-TA
.casalemedia.com/ Name: CMTS
Value: 4528
.agkn.com/ Name: u
Value: C|0CEAAAAAAKxBH_gAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.pubmatic.com/ Name: SyncRTB3
Value: 1670025600%3A63%7C1674345600%3A69%7C1670371200%3A8_233_238_243_165_54_22_56_81_13_21_71_166_3_220_88_104_55_176_99_214_161_251_7_234_204%7C1669766400%3A223_15_2%7C1671753600%3A203%7C1670457600%3A35
.addthis.com/ Name: na_id
Value: 2022112302545500057773612619
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 637d8b7fc3f363ca
.addthis.com/ Name: ouid
Value: 637d8b7f0001a1f39e94b94d7493af55fa07742d53af79a3e37c
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20221123
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y32LfAAKFdI0aAA7&KRTB&22978-Y32LfAAKFdI0aAA7&KRTB&23194-Y32LfAAKFdI0aAA7&KRTB&23209-Y32LfAAKFdI0aAA7
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7169039542254237838&KRTB&23369-7169039542254237838
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bf471198-dec9-463f-89a0-347329157e9e-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.ctnsnet.com/ Name: cid_33b1392ac49348d791fc7b06ab426077
Value: 1
.fiftyt.com/ Name: fifid
Value: 0c1d4052-1e43-4fe7-5f50-288f138877d6
.fiftyt.com/ Name: cs
Value: MTY2OTE3MjA5NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fBWcVXM_AA1a9cH1B9NgOIPIjfYyU__pBIJwAShoMIoq
.turn.com/ Name: uid
Value: 3779534352676268122
ads.playground.xyz/ Name: connect.sid
Value: s%3A4MF9XyhYLmcO15qwO4t7SHpbZrkp3q57.z6qb8SFAbv%2FqkABSau0Oe%2FVPKMunE0EUwyaizckJopE
.audrte.com/ Name: arcki2_pubmatic
Value: 1540EA77-AB19-43EC-AD22-9A8D43F3C8DE!20220908!1669172095477
.adtelligent.com/ Name: a281178
Value: 1540EA77-AB19-43EC-AD22-9A8D43F3C8DE
.semasio.net/ Name: SEUNCY
Value: 9D9427E867E125D1
.bidr.io/ Name: bito
Value: AADWBk7G-xcAAB-z68nMkA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3779534352676268122&KRTB&23150-3779534352676268122
.adsby.bidtheatre.com/ Name: __kuid
Value: 3de1acb7-13e2-487c-8e9f-0bbd5e2a5344.438386095
.onaudience.com/ Name: done_redirects104
Value: 1
.fiftyt.com/ Name: fppm
Value: 20221123025455
.tribalfusion.com/ Name: ANON_ID
Value: aunseFwl6h6bQQwbQQaZawlconC5h3flpjGVpQqxFPDvaQP0qnoOhRQRYifro1SZbF5WDMbF0hYm5fZbNNcDZde5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a32c33c6-567e-4d06-648e-8c5d1cb343f0.eYkUCkG6W6TWN2GBGwtPnJ41sipH%2FHE6OoiAb0IncYY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AoywzxlZ-TQZkjoxdHLND8NmKxGQ.d6wrC6bEBB9KvlXn3zph3e99a%2F4Ff2gi6w2SbMFm1Cs
.ipredictive.com/ Name: cu
Value: e7e0112f-fd32-488a-b344-d9a20a0a7347|1669172095829
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-oywzxlZ-TQZkjoxdHLND8NmKxGQ&KRTB&23334-oywzxlZ-TQZkjoxdHLND8NmKxGQ&KRTB&23417-oywzxlZ-TQZkjoxdHLND8NmKxGQ&KRTB&23426-oywzxlZ-TQZkjoxdHLND8NmKxGQ
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 12
.pubmatic.com/ Name: DPSync3
Value: 1670371200%3A219_226_227_235_241_221_201_197_245%7C1669248000%3A174
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-e7e0112f-fd32-488a-b344-d9a20a0a7347&KRTB&23011-e7e0112f-fd32-488a-b344-d9a20a0a7347&KRTB&23355-e7e0112f-fd32-488a-b344-d9a20a0a7347
.pubmatic.com/ Name: PugT
Value: 1669172094
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1669193696053
.criteo.com/ Name: uid
Value: c82f8267-52d0-4100-bfa6-b4213bf87b26
.zdorovia.com.ua/ Name: cto_bundle
Value: Y0yYxl8yZjRsWWdGb29rd1hkYW5OQ1hrWHF1OFJOWkFWWnRJMkFLOXoyV1U4d2pDMkpWMENqSVJPT0VRam0wck80MHdOJTJCQ0FxUjN0MDBOVXpNYk1HMzJyNkQzb00lMkZ1T3hRWXdiQmQyVFRnQSUyRnFxbDhGVDhrNFVaJTJGOUxPc2tvVlhpTjYxbDJPZ2lPMHlzcHBNbzMyUk44JTJCUjd3JTNEJTNE
.pubmatic.com/ Name: SPugT
Value: 1669172096

13 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a62ab6c8-fec4-4a23-5437-6d3421c0e7d2&reqId=e6dcd8ce-093b-46e1-4464-c6c2a433e59a&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://pr-bh.ybp.yahoo.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/871407110805838366/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417948&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1669172091&rafmt=1&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1669172091668&bpp=5&bdt=190&idt=191&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&correlator=4639092018766&frm=23&ife=5&pv=1&ga_vid=1022265231.1669172090&ga_sid=1669172090&ga_hid=927732058&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44768832%2C44773614%2C44779076&oid=2&pvsid=1045003748251155&tmod=523807073&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.maxf71wxo28k&fsb=1&dtd=217
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/871407110805838366/index.html".
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=d3ac1de4f69aa85b/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QYgjbQnWMURggSVh
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1540EA77-AB19-43EC-AD22-9A8D43F3C8DE&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/2978795306681093372/undefined1xx793
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/18030282549340789940/undefinedd7d73w
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.go2net.com.ua
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.doubleverify.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
creativecdn.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e.dlx.addthis.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
ps.eyeota.net
pubmatic-match.dotomi.com
r.i.ua
r.scoota.co
rtb.com.ru
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
trc.taboola.com
u-ams03.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
104.18.2.81
104.18.33.19
108.128.22.128
13.32.99.36
141.94.171.212
141.94.240.141
142.250.184.226
142.250.185.194
144.76.118.200
146.0.227.107
146.0.227.109
15.235.15.221
151.101.194.49
162.55.233.29
173.194.76.157
178.250.0.163
178.250.2.146
178.62.202.251
18.195.183.89
18.198.69.109
183.110.238.136
185.172.90.250
185.172.90.251
185.172.90.252
185.184.8.90
185.239.172.58
185.29.134.244
185.64.189.110
185.64.190.78
185.64.190.79
185.64.190.80
185.64.190.87
185.80.39.216
185.83.70.2
185.86.137.131
188.42.34.64
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.26
195.5.165.20
198.47.127.20
199.115.119.227
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
212.83.160.162
213.155.156.169
213.19.147.44
23.203.77.3
23.205.235.133
23.23.180.179
23.35.236.201
23.35.237.56
2606:4700:10::6816:1857
2606:4700::6812:19ad
2607:ae80:128:1::48
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a02:2638::1c
2a02:2638::24
2a02:26f0:3500:d::1732:83c8
2a02:6ea0:c700::10
2a02:fa8:8806:12::1400
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a05:d018:d29:3602:2c64:3412:9e4:7e3a
3.125.70.222
3.126.56.137
3.248.82.49
3.33.220.150
34.102.253.54
34.111.129.221
34.111.131.239
34.149.12.213
34.230.201.103
34.254.143.3
34.91.62.186
34.98.67.61
35.156.8.143
35.157.182.139
35.186.193.173
35.186.253.211
35.201.96.126
35.214.223.115
35.227.248.159
35.244.159.8
37.157.3.20
37.157.6.254
37.252.171.149
37.252.171.85
44.194.228.115
5.161.54.172
51.68.39.188
51.83.220.94
51.89.9.251
52.72.183.146
54.171.34.58
54.229.209.150
54.235.189.154
54.239.33.158
54.76.86.77
54.77.35.234
62.149.1.122
65.9.66.97
66.155.71.150
67.202.105.33
69.173.144.138
69.173.144.139
69.192.160.219
72.251.241.196
72.251.249.9
77.123.132.42
77.243.60.138
8.2.108.194
8.2.110.206
82.145.213.8
83.222.114.187
85.114.159.93
88.212.201.198
88.212.202.52
91.210.190.92
99.81.119.147
99.81.44.108
0026543d44ddf1980bebbafaef0fe9e3af71abd168ac6307647f2677d805678d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01d3e0ef3e3f0d540a9307989f0fb7c522887b07743f7592bb532ff959e98d1b
022b03a09cbfb1b95106c1ce345502114f2906cc911a1f88cd35668e516d3075
0266c1016aab57da0da73d99d479449098897981b6e497db3bfba634a8f0f49b
0617bbce3914f05b57fc72a666965510b62cabdafa8e75037dde6ffdfbe2e513
0672b11390df88de7cbadb94341ff565402966fa32ebbeabda80700f91b24517
0726b88fd37009c618df7504905335c47114fb08eb103b8c7c44887cbf6327fc
0768a75f86278220d9ada6d37cce84a1e4d03ea55ee56e37d055e0dba59318a9
09e51ed5a577eba58559abf1c7fcc8667e59701c50f37d4f22a76e8ea9f6e8be
0a701542abb5708d4d103a2a2e2e1aadf61a8334b4b1705d2b09819c97d4ca6e
0ae325c13e2db3f0e709853835d0871e975e41b5a089a5393b18897fcf3fa144
0b4f1f20b8a1f326257348655b77d49c76385941f5df5d393dfa73c3f07fd74f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de25efd930b02fd449159ebccd63c0bca2558b7812d8f66a7e24c7c79bb1d46
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
0e25ca4c3ad355f772205763fb53be26f802a6df9ac04fd52ad7b5c6f30593f6
0eee0e9b3d32388a0e9c0a4a52b5aa73a9b1528e34c60f42f83a5266899aaddb
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1189596b1e09f2494d07d567cb64761d51be0198a118cc4e951563f87585f345
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1320d80076e33e05d34b3e45c224388c99d34efc505e45751fc43f9e1ab007f6
13e6bcaa4383496a55294262253de35d7d63557a92803d7787c62c330961b32d
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14ac4ed00f600dad46a2cd434d5231d9b3037001da185063dc9f9e51b9030d11
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
1633363f53f8462023366ad43d16ea13269168a1d8622eba216e287527f45bee
16a23676970d407855056fe902bb769a180883b45db16e63247d0a8419931af0
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
17eba3ef8823dd7a29f9c217edb2feab54fc6bb5ab3759b43b325761e4d55d2c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a78e672eccdcf753dcd3efabcfa7d1ed12ab382ad2cfb92ff86229e47d4c8e7
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c00acd1fc5308370f9b4774559fabfa6a6ab8cbb20977775b9c8ef82a2d87f3
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1eb72593541d2e8030368866e03471079975be3cb30aec0952baaeefd78fb293
1edd2056130bf39592f7afd73b29e6f61e96d4516e3a17049497f6cf7087c815
20bef4dcdad4a8b5b396910455695581c6abaa15d2a57c6fc0fe8c003621a33d
21d42027e662e530d67da764511f5675ae5810052db05e329445f039dc835849
221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
240648823141e6beb3209a62567668f5566835ed5718f6ae9e404acd8c636d30
241129e5b635dc64e220763231bf80f258af802c44cdc89c905681df4297b6a7
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
292f50f919c43a55bc54544484bdf2bbb4487899dc20e1a531c003c33db23b74
29fb339b41ead4b4ebb877e441fcb4d3b706002446150d1774a35584f02af981
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad026871c717783703dfef98742b0c66eaa74c431a4b18015d73988a130fee1
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c33f09a0d960da54b321cdba6a1bf844d46242c0b62f08f58fc8c35b787f3b7
2cf2c6cc4aa6512be5d445481334a4feae1b651c55f5b0800cf6340b4a259233
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e50cbfdac28bb2bba9e2ad115f2b34236073ca8a1d968380c63600b92296656
2f477d8c00062b3fca30f847fb80e86ba63e9224848c5f3dd5aed3796c586b07
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f94354adb35be5e58296f25e2b8ae05c7b7a81885a01a78c76d8f370b875b88
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322283ad195555b16f6338778f94914cc68906f495fa00ce0bf29ae731ea6cd3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348cad7c72440a6caa303509a97103d8460a4aba619211bcc5f9b81003e11a04
35e6db1c906dc81d695a6264be5cebf8df0d5451b97c3b39bfe1e3849517cf71
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375219458230d32bb6cc873daa53643fd9e4cccfb515abb9cc54f51c84dea2b6
3b426975dc79c14d36c3b55e126d204e0e43f2ab4e5a851c52e7b84ec4a80deb
3c514fa9a2ccf695321cd103d47a909f166dc769f849828a0a17c118b92e0123
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdfd345e3ed78cf17705978090e67853e52fd32f12c01e42b4c50667cdcaacf
40331291b51a5ec7e43b6e6c15f61d98fa0e79d2d3171be8c98ed13e0327111f
404c8904ba1b8499bf4b71abe05e20d81afd5cf440e0f4c668b79765559b69ed
413da4c8cc5856a5db4fae0f0f3f53465c744acc7381d8e61aba775cac912bcd
4176ef4b226ec3594ce67ea47c05d93f55c521a1eda62c074b15893484e86bdb
418722b79142332a7534dbc977edd758fc50a9e78af73dfaadacceabf484211b
44ae7ae6d0abe5b5ec86f36b1e74902602b727f21d836b64734e0e374ea0b9dd
468ea5692c104ef27d3ee52b0816083447e4d34acf2b272039a0f5d8809fbc80
47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac
47ae74293df7fbda5e9431bd22baa78cc98fb2dbebe81c1d5b59bbe2ab7a4e3a
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4954ce6c864a98f07a4644ca74ae36f7c5e4afe7cf56526cb03fb589df7a082a
498d4a8a9610f606c29f97541aa92c90bcf97d91921fa9300316140fe09c788b
49dc19f45e451a9eda73c012751f5b9ed20764eeb5f584f14b126c7f35b0c67d
4a10cb2ee7fa86e617b49c012524c9a3fbefc08818fa6dff0062cc6a99278311
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c25be0fe1ccdf4a63cae780de73a5c876aff58bc779fb6b5cd97f777318d2b0
4da97fe7ca853891147c5eb703ae1c9b27f97ae26e6f8f1ec4d1030546d990e5
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
5217a346bfde995972ffbca690e2517db4093be0ac357e5fb7fe7f10a6e6afda
526f6793ec42dc549644b9af32188bc5e0c54186692b35572ec8a450abfde2a4
52c8c21869d442e788b9ab4fcd5fba63de27e7b6d1ec511d27b633c9523652ac
53be360fb7a461b9ac1f3fae1814a10a35f962363ed99b985db7ae8d5b43711f
53d7124dc9dc690adfafcb93f1bcdfa0ba151f2f5d11893e190a49f68759c54f
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
550c9751b35c73d20d0182c4d815d8353c2eb4871b31f4229ba40b0f1874c660
55450dd3fe4117d02269f4bcc9fef4a18ae8735289455f3dc43f81a146cdcbb7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5709a58c62c296dfe2a5a7180ad302bad4667be33a9088a991dbe90aa51d5a84
57f8071d567a6a442c542d105766d3afb6f57214807c19d8a9aec5586b88a2b8
59053117517098dd6e7a88d4b1e778253236a2e08925c3923cda855f41137333
5af01027febcd2100334a4f79b5ac8add28c2e81dd926631619c0ed8b1f2aa8a
5d3e8c9562d27fc8c2f494caa91e665b16a5bc5ab098ca0a9df839049247c346
5e4785eb8a7cfe47178ef53ab653bd49742262523946b3eede81bd2f48183a43
5e9379c14acdda791b010f4cc98dcc476723bfe09616d92c85cc4fe14867adce
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
605f5f89b676c72ccda7a2bb2257f1b787f4fa4fcd111e652e81c8ba62026ac8
60c2457717b7a343e504f867029e4ef086ca66e324eda44dd72fe5ee89f9ebb7
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6241810443b19d546e0370b5517f6e70268bfc2ebc634f6c0b2f83f581006931
627eb9f093dbcfaa5bda1e358da29f3f8c3d7c440977ff5c3b5a39a9a2b33839
637fbbe914cdf6168600483b3686c9a57bb5503f2fe8ab8cbc03e39948920127
638da68d1a997a598941305c443568296ea3ddca5403770f4957e77c89176182
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
6485b9866c2416c69175729429f327f43514e45fb09063798c4546e7359d6d9c
64cb32ed9eaa927a2ae4a80f89db64a205543f0c88570271cf416a5b0789502f
66af72ac1444896ce2702d7c4234d363c53a7194b53de5e762a202ae900bb038
677a715d4e055c66802a66488cb28d7a0c592e76e617ee16b3fa37deab1db577
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68ce5e6b058eda223db621959ba983469abd481a2f9968fde08c42464fe225ff
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6bde7c766dd93dbc350167dc63decbf345b851acdecff00f7466e55dd319e71b
6c63ede7b64d86ffb873b22c7e3785b1deb13a3aa9a653e47331bb2282a122d2
6c6f1489ac1576671d857841cf65a2c136c373d99c3cb48683abaf648e68f438
6d0aa15878ea81619e92027135cd494136fa7eed212bff8976e7debc916543fe
6d34527022d24611ac8cbff100361bc8db60c3ff26a1100e06e3d24039685f2e
6e14d95b934678236a48b74dd960a9b4084012dd1d8d16262167def06db150ce
6f0eb6f25c2c4efbe507a5ca728d9e786fdf949694d77ff288f2eacfa5284c91
700efefca9b33114872cf4050211d697e91f3af4ea592de3bdbdfc5ae17c655f
7028ce246826b7ed6bb35f54c2cd43b0c851b84278f8b8b64b03b95190e24356
714a28784e8adaaea2dc7278a01d9d05b28ca053190c596dd24b20601842d438
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
72c7b409ca6e1844919949e7acfc6cde000cf7d88c0d162de77a5429f66a22db
72d15234d6dde5fbdb7b89852408b3223101eff94b68d8d8eae1616290d2418f
731bc189a064b79fa15c680fb951fb8ad5f5a4b09620d561e21df3a52b095ff7
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73beea82cfc9c82edd5827d4406d003f3dedc875cf5645345dba95607ff2ff9b
7488095254184c79f6f35f2f57dc737d1fb49871bc37b05955f7d9b8aa36fec6
76479a92fd0a1fbae17b90c67d7ac394c12a92e1df57b486f296d81fb5489704
768a5e633568495ef3dadd6942b13471de2d77b42362d0d249b2f0b77f88026f
76de0cf400104505200cba6311ac061dfe553c0b37ece8d560c72e967989ede6
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
77305f658ab5c2aa938f50f54169181315668de2fb1494698573db1c7e30caca
77f5cc8d5212bbee762ef1891eb721aaff6c67aef7137a802f4f4d86555b82c5
78402b5c67996f9578809ef785810366f4da8c213b7bde00fc305a6ba68d416f
78a1ec728879bb4073d33280a1649cddadd24b1890a5da83323731380a1a5ba6
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7946ec35cd8c68b3a830f4e2f33b33d7a549fbf53c0588c0abbad84df24d021b
79a78139d71522672ff7ac53d27d942533511ed7eb7a83dc08a6e33d4b7dc6b0
7a525c52ebccd4a3e95e0bb433242298300312acc3e5ea424e87429d82e0c695
7c9eb72021ef29dc13bdc410152cd7c2003983bcedbbdae64d5be142eeacab9c
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
7e1da3001c1d7484341e80948c4a269ba4036a4e8df423b246b557db27286fca
80a5b042b9ee82093acbdff9c732d2ea7d65435e2f9dfa9a67757542f94db573
80be87288b81ef66258e8f79ef62758528d8f7ba1fa65f1a0d3378b3f960a324
8275905f60376cf5cc89fc61dc70ad9cc19eeb185dcee8f44041b05327d4caf3
82f3fa7c45c7a92732a70cd7185c1a439b0cf6c61119a1323bacb651b1d35301
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853053c3e9c21bad0b07e4b8f922911cb98280c5d2489f961e055ba9b37f270a
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85f220acef8d714cb7847dee24c04996b5f5ab4d0993b2dc73ca7c7662986306
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
89e8415fbb63c06d0a5f9d2f6e6abab9e383f6c2d3d69d3deff7d82df1c6e0e9
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e08984827880362adfc91ffa926564622b531b407f35ac60fa4bdaf650f3835
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
90efd1fdff3ea28dee1f9eefc4b5a2740f3dbc8043ca9b5d0eac7004c97f30e1
94510223561aeac6e0dbc30e9a6d5fd2c5fe11e800caebd6c4a5d13754c3a710
967f424dab7736bcf334a6c64fa7274abcd3d7709338d363876a3bba9759c2bc
968e85bf2bc7e5a3bb2df7fda90431e82d36f50d2e746f0756ec76804b8aef08
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6
9707866be52edc480c66c2ba065ba9b9863b5fa86609e3e7eeef94bd4df5bf80
970dc1781d1e759a9ca2597c7c633b83812a7bd2576eb81b03a43bc25c493d36
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c633a4d855ceac1290eca1456d279134387f7ec0801385e530ccd9dcb5d866
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e14d8cb52ef0f1ba9693fd83dddaf3d7650d8da4ea8fedeaf826ea66cfec93
9a0892b35b35c21f9f0c2e8161697703d6a19b0cb13ea647086e0f9d772a4da2
9a1e4bc172b3058865cfe10541ed9e1db75bfb03e5ef235e8da5e577b75056b9
9a7aa18a2f7f0a129b00c19f6dd2ee464a3ace905218ce1a2222c7b6a410f51f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cfaeaebc3d35cd957192c74bad8805c3cc4d2600778b02ef6e3da9f200396dc
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a601b0d09f6c99008ebc6a11074d8b7c3d07658aa3bab00b56358a51ea6f7657
a6a995e2362237e8d60dd5177242713e50fee4a162496ac53fa5b6668f045df6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab4f33a78ee38adc77329be0b5ad3916c146c376544020dd93c304d8bfae5e69
ac21479523f870f1d11d82e5f218409ec04e6f8afed07debb0ec9f1da3a18d7c
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b03ce3d833cdc7cb662b4af5266d43554fa0d3a9beaa08a2c2ce2add99ba651b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b196da55a321ca277688ffe8ad59490c8738ad96b17d9752992c8bdcd39468fb
b247e56de8d6629754d2b60988a1619771a2e349df86b118e81ff52968549f4f
b2ed9be156e0197fd74963e34335e177410163848ebaa40a7a455e7e12667c44
b2fe93272131aeb06507915b3113a1e5d109fc2415ddc20bf1b63f2d8633b9e0
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b795e4fc14556245392afb52171502e7ad56c0c135504cb7d22a1f4f69093f60
bbcd1a424e97e69a4764812daf3e344781dc891f941b0f22ddb46a8b6447987c
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bcf90fe8f18479b8d6b29b13ff4e20049625c79d173f91397beaf3cbf77894b5
bd6940b01e8f16e98a67c6bee5e18114ea82e5405718d3d74ebec84551afcb12
be09e8f92d60fdcad5a77543e8cccfccb4b1944c4f8a5737e6fff75b5e41de62
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d5e2508552270d4e4a199fb5a520d567c17f0d9bb4d66669f36b2be2f637c4
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c4d4b840badba266575f6b5aa1e3a4a74e8aa3a440ca025627a9fb892f006aa0
c50ba511be87bc42f2ae747b074bb99131a090377b74d7902af06b8f55bbeb9c
c5d4259a9a1c294c7bb439cf797c81be723d972dbd1f649f9da9b53694a558f2
c81fbf2b06f6326c32e87ba241cfe1896ba100116a79c3d0727bd981dbb13597
c8aaca53e33884fc56290823e191ce81c25c4fff391fc98d023105b5ecdacfe7
c8c4b37f1b71adfb6ac9540af3d5e8a896b78e182de8533ec375fbb121769729
c8e5941c51bb3df3352c89721215f1d518984cba8fefd2048a37988da2dea241
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cccd6bbd7a7c7ab4a3080322d70ac63c386ba9c37740cc8c2be220c157216b1c
ce26367d20022f13f017e45972a6e3c87024e9e7612c2231c38c9516251af2c2
ce47e2bfcfcdd077dd715215cbf5e8f0dd160c35a459d133a002b15e631cad87
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc60dd767df46642d486d217f0b5583fcc74aa75c02d397079aaec211d6d0eb
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3ac4865d2c09c0e87497b5fc86890c2dcbd95324200689449495a41dd337dfc
d3be9cdda0336a9e173b08ce4ab6eb5ec6e32c97e4f0d8496aa86f3a969ba057
d4759891f9c9268b21702e96256b9c1095f67c5cf70a40b8cb5113ffd8dcf1e7
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182
d9ffbda85f08bf40579c3ac519a6267284db79f2796e541fcdf9fd85221cc0ea
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
da7050bb017b5f4c54018984094cf4d8b66a2c68c6b98bdb5d9a30b5a39e3e8c
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcc460bac24020747a63b7621ab7b0e94965116029aed92c2f6c6f72c9078349
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e413796b28aee3bc574491511981adaeaa6a9eb15b2281d0a8f3b4fc01350d45
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4c87115834c3f04ac6e40927af4b0bcf6b839058344964a2eba9c787360ebc6
e529d34dab4cc363863f9184f1efb466d358086d0340e007693f881ecdb174df
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e74616fef38e60a9cefcbd0e69dbcb68d416fd13a51c2f9720c5c31ab83bd69f
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e945da9e2d2430b58f3d4d6f33a8ea49e0b1c2091f3c044d39fc46176dd08d0b
e9d52551d0d3969a369c1b4ba9172cbfa8cb3f2c56a95c59b116196506564912
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
eb5f6fa57de34cddd8d42ff39ab45adee5b31426b3e706b1f706742bb9d20388
eb6d0bc02b71c902df98ebbffeafa724d0a9b46a1eeb7010e41b1cfb1fe8da1b
ebb33715c0dd71b3cc1109db4f08e93ebf83acb378f37a1f2a2359b066458af2
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed0b0fe09a9dd4169fdc0c4e994c64522cdec9d516b1cbdd083f7a36573dc046
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1c3f512d332ab4b488a0f601f870589d712b0e1c3a2531e3beabdcce4ed1a3
ef982e31e2efe3284c0e33d1dd5843633accf6c7c97e27cab254520cad53822a
f11a61f03ad744fcf390f6ce8e6963a91574b4fea728283b343a6f8c70a2dffa
f2e892ca68c6d486d8df7cabfa1a525c6e4490726084b9007ec88bd933d3d5a4
f3b7e1ee41b3a3451de52cefe8da3a36dc50d9e36499a295a6edc97f7ab275b0
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f717f0ba337be92df13265158cbd189c5a8e45d256775f44b3175f87282449e9
f7cb14fe4c16904e02657276e33531299092b2bf165bafca51409da607cd470c
f856495ad86cd108feb0b63db29fcca3796b00e41a9407255e28b046563e5e21
f9cfea25d2790d45520c5c94c8bd182da470a1fc903009f539d996a6ec324ae8
fa4365f9098aa5351bbf4bab30eb7982b16ab10322cfa69a30edaa211eec29b5
fcbd2ad507245d0858967d08e4465973290ea279594e442db3e03c28387aba2b
fd5bf180d1a30434f545450f12ec490ab2b9c3004d8e13734e6a85da254e6c11
fd658331ab7602d68bed82df63548665d24a638e948e141cdf3baad7bdbf0cb0
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdca945e53e22f07741a3ad330c2ef07699d9befcf6670f6a6d9d9d611747ee6
fe62c3f45302ba6868ea0e01f2ee5985893b406749a8371fe44a66394d0122be
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffe8ae9017db31a98d9664dfbb508dac285b719f1044dc21c12176f1dc28d912