www.zdrave.bg Open in urlscan Pro
78.90.206.186  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

• http://relay-bg.ads.httpool.com/ HTTP 303
• http://tas-bg.toboads.com/js/adi-ec561a14.js

Request Chain 31

• http://connect.facebook.net/en_US/all.js HTTP 307
• https://connect.facebook.net/en_US/all.js

Request Chain 52

• http://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 HTTP 307
• https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255

Request Chain 53

• http://www.google-analytics.com/ga.js HTTP 307
• https://www.google-analytics.com/ga.js

Request Chain 60

• http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%D1%82%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%2C%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%20%D0%B4%D0%B5%D0%BD%20%7C%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.bg&utmhid=1777696023&utmr=-&utmp=%2F&utmht=1621854094390&utmac=UA-324471-1&utmcc=__utma%3D2577403.341891908.1621854094.1621854094.1621854094.1%3B%2B__utmz%3D2577403.1621854094.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1007574412&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
• https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%D1%82%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%2C%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%20%D0%B4%D0%B5%D0%BD%20%7C%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.bg&utmhid=1777696023&utmr=-&utmp=%2F&utmht=1621854094390&utmac=UA-324471-1&utmcc=__utma%3D2577403.341891908.1621854094.1621854094.1621854094.1%3B%2B__utmz%3D2577403.1621854094.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1007574412&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Request Chain 66

• http://gabg.hit.gemius.pl/fpdata.js?href=www.zdrave.bg HTTP 301
• https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg

Request Chain 67

• http://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 HTTP 302
• https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8

Request Chain 68

• http://ib.adnxs.com/seg?add=9942225 HTTP 307
• https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9942225 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225

Request Chain 69

• http://pixel.sitescout.com/iap/1dedaf03ba2c1838 HTTP 302
• https://pixel.sitescout.com/iap/1dedaf03ba2c1838

Request Chain 70

• http://ib.adnxs.com/seg?add=9922745 HTTP 307
• https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9922745 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745

Request Chain 72

• http://gabg.hit.gemius.pl/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4yVxobavvFrM9JvqPoCRDqUFqYKvscbR7HCVNccjEIL.f7&vis=1 HTTP 301
• https://gabg.hit.gemius.pl/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4yVxobavvFrM9JvqPoCRDqUFqYKvscbR7HCVNccjEIL.f7&vis=1 HTTP 301
• https://gabg.hit.gemius.pl/__/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4yVxobavvFrM9JvqPoCRDqUFqYKvscbR7HCVNccjEIL.f7&vis=1

Request Chain 117

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1

Request Chain 118

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2

Request Chain 119

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1

Request Chain 120

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D

Request Chain 121

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1

Request Chain 122

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2

Request Chain 123

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1

Request Chain 124

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D

Request Chain 125

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1

Request Chain 126

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2

Request Chain 127

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1

Request Chain 128

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.zdrave.bg/	34 KB 10 KB	370ms 252ms	Document text/html	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e7778e28d5291f08df66b364acaf564d12982c12ac050cfb3f7c31a59a46a6f8 Request headers Host www.zdrave.bg Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx Date Mon, 24 May 2021 11:01:33 GMT Content-Type text/html Content-Length 9500 Connection keep-alive Keep-Alive timeout=5 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb; path=/ Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	swfobject.js Show response www.zdrave.bg/js/	7 KB 3 KB	42ms 41ms	Script application/x-javascript	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/swfobject.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:33 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-1ae0" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	jquery.js Show response www.zdrave.bg/js/	95 KB 33 KB	84ms 67ms	Script application/x-javascript	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/jquery.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 28cd1264bd1c0efccf4e7e030e8fc0dac7f2176f8d88ba60c8714ea738a8f550 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:33 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-17d59" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	zdrave.js Show response www.zdrave.bg/js/	14 KB 5 KB	85ms 69ms	Script application/x-javascript	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/zdrave.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash be6fd99e19aac74aa0fd01a271bae13e65496afad769c0df1e5648bd9a2cd950 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:33 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-39e0" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	62 KB 21 KB	33ms 13ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 195abda06e0dbd311a76c41c05bccb878c7fa83cc938e182ffac0991c69d742b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "881 / 784 of 1000 / last-modified: 1621849242" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21340 x-xss-protection 0 expires Mon, 24 May 2021 11:01:34 GMT
GET H2	200	sportal.gdpr.js Show response gdpr.sportal.bg/	19 KB 8 KB	267ms 63ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/sportal.gdpr.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 782a77ad65b778b8745670755fa9b2bc96e05c865936460082e3e493ddfd72f9 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip last-modified Wed, 05 Jun 2019 12:19:53 GMT server nginx etag W/"5cf7b369-4a2e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H/1.1	200 OK	zdrave_styles.css www.zdrave.bg/css/	39 KB 9 KB	81ms 65ms	Stylesheet text/css	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/css/zdrave_styles.css Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 76fd4dd5c74aea6b02fc8ee6090b0bc6a59eda5f9d6ff38b02ed1eda91a99a48 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:33 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:14:56 GMT Server nginx ETag W/"51fb7890-9b37" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	zdrave_search_submit.gif www.zdrave.bg/images/	1 KB 2 KB	44ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_search_submit.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 58556977e7860db2b6db32a94b0f4549ef12839318d98455cc553b5e4bd32c65 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-577" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1399
GET H/1.1	200 OK	zdrave_header_logo.jpg www.zdrave.bg/images/	7 KB 8 KB	45ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_logo.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 43135cf7c31641d06df7ff2d9a82cd764c227fc5fcd7ecfae563acb03dd7228c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-1dca" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 7626
GET H/1.1	200 OK	zdr_left_menu_header.gif www.zdrave.bg/images/	1 KB 1 KB	44ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_menu_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 2def643052cff38eef41134268f401bcfcc4eeabfc3080fe3a3f0f7026b84a5c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-4ce" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1230
GET H/1.1	200 OK	zdr_left_deseases_header.gif www.zdrave.bg/images/	1 KB 2 KB	45ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_deseases_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 1c377127bcfa3c889dd0bf2b470b8e82892429dc22ddc8fd267f071dc74d3e42 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-55f" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1375
GET H/1.1	200 OK	zdr_header_rss.gif www.zdrave.bg/images/	699 B 953 B	86ms 66ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_header_rss.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 473f3e92b1252dba029b6c5d036d7dbfd02b1c7d8e3fda3350c22045f21ed733 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-2bb" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 699
GET H/1.1	200 OK	5782.jpg www.zdrave.bg/images/250/	16 KB 16 KB	83ms 64ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5782.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 102423e1eefe81cf7be86b18c52ff4f91e0905b64277582386529dfaaa85e844 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:08:03 GMT Server nginx ETag "51fb76f3-3fb6" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 16310
GET H/1.1	200 OK	5447.jpg www.zdrave.bg/images/250/	14 KB 14 KB	88ms 40ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5447.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 38c41f2a23606c4ac956be11f4ed1cb6fd451007b5afd53000bce1a9999ef273 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:08:17 GMT Server nginx ETag "51fb7701-37d8" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 14296
GET H/1.1	200 OK	5785.jpg www.zdrave.bg/images/250/	21 KB 21 KB	90ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5785.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9fec94b4ff143599afb447b8fd3a2c2b3ba59caee8670c59042fb7bd3433f58b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:07:50 GMT Server nginx ETag "51fb76e6-530e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 21262
GET H/1.1	200 OK	5783.jpg www.zdrave.bg/images/250/	18 KB 18 KB	90ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5783.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash bb998a86cbac87a0d49bb25b54abc93972824501d99531b2c69e2de3ecebc13a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:07:59 GMT Server nginx ETag "51fb76ef-48d4" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 18644
GET H/1.1	200 OK	5707.jpg www.zdrave.bg/images/250/	21 KB 21 KB	42ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5707.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 8d63fba992512d3d08c8a9f7b770fd6203622bdc6284e30af91d516f5a753eb9 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:07:24 GMT Server nginx ETag "51fb76cc-5442" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 21570
GET H/1.1	200 OK	zdr_arrow_left.gif www.zdrave.bg/images/	53 B 305 B	213ms 65ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_arrow_left.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash ab100b2b5cea43ed7e6d90205014fed9b4df8d7aa8c04dba39c61f3667d1adc8 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-35" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 53
GET H/1.1	200 OK	zdr_arrow_right.gif www.zdrave.bg/images/	56 B 280 B	105ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_arrow_right.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4352dcef55a499ed21de78785c1d6c67db60bd24a37d5df8859d987682cb8fb1 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-38" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 56
GET H/1.1	200 OK	zdr_center_more_header.gif www.zdrave.bg/images/	2 KB 2 KB	165ms 61ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_more_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 5e0a6d389252a6a887d3b5e3c860d758d47162b44481550be199436d95079145 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-889" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2185
GET H/1.1	200 OK	6202.jpg www.zdrave.bg/images/80/	4 KB 4 KB	182ms 60ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/6202.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash b5c9b565e21dce9ebed5eab5acfa741ba584d656fefad1e0766cf34ad869b8d8 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Thu, 11 Feb 2021 15:12:50 GMT Server nginx ETag "60254972-108f" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 4239
GET H/1.1	200 OK	2219.jpg www.zdrave.bg/images/80/	4 KB 4 KB	102ms 40ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/2219.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e599f75928c9adfc5466b3a9391433e89623967d26665b7c7897ea69f2ebf0d4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:04 GMT Server nginx ETag "51fb77a8-e21" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3617
GET H/1.1	200 OK	zdr_u-know_header.gif www.zdrave.bg/images/	2 KB 2 KB	161ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_u-know_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e47b9e815087e2fc99bbf6cbf261c70deb464a65398b4f20b20a12594fa1e479 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-78a" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1930
GET H/1.1	200 OK	5283.jpg www.zdrave.bg/images/60/	3 KB 3 KB	40ms 40ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/5283.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash c12883dc07f971d67e5b7c0b6bbb496858e0721f94d05706bac6215bf9b6908b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:41 GMT Server nginx ETag "51fb77cd-cc8" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3272
GET H/1.1	200 OK	4665.jpg www.zdrave.bg/images/60/	2 KB 3 KB	39ms 38ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/4665.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 8a33f2d843dec50c117b7023802cfef9631c4e163bacdbd88b7eb6dc8512f6cf Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:40 GMT Server nginx ETag "51fb77cc-93f" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2367
GET H/1.1	200 OK	677.jpg www.zdrave.bg/images/60/	3 KB 3 KB	39ms 38ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/677.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash db9d01707fe76a51a28349eca999d875004049d3ba47686e7274fa1c79b0a869 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:20 GMT Server nginx ETag "51fb77b8-cf9" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3321
GET H/1.1	200 OK	5289.jpg www.zdrave.bg/images/60/	3 KB 3 KB	42ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/5289.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 6d57e824e059301698f353db1cf92025de2a6d1e6f8c5abbffc24fc768e13550 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:41 GMT Server nginx ETag "51fb77cd-a79" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2681
GET H/1.1	200 OK	3700.jpg www.zdrave.bg/images/60/	3 KB 3 KB	40ms 39ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/3700.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash b583d05bbbb011366fea9dda74ebd9cf77ac7b83fc1736e7c8529d151e6277d5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:51 GMT Server nginx ETag "51fb77d7-aa5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2725
GET H/1.1	200 OK	4977.jpg www.zdrave.bg/images/60/	3 KB 3 KB	51ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/4977.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash a960c0aa92033ca3ecfdd81cec7a4443d8e73f7081f1d5fb91f165e05e2d58eb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:11:48 GMT Server nginx ETag "51fb77d4-b56" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2902
GET H/1.1	200 OK	5822.jpg www.zdrave.bg/images/80/	3 KB 3 KB	121ms 40ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/5822.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash be8a61c5d7715ba61c258ac1b146a8e29da020251bd6dee9cc36424a050e560a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:10:20 GMT Server nginx ETag "51fb777c-c31" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3121
GET H/1.1	200 OK	adi-ec561a14.js Show response tas-bg.toboads.com/js/ Redirect Chain http://relay-bg.ads.httpool.com/ http://tas-bg.toboads.com/js/adi-ec561a14.js	121 KB 121 KB	77ms 37ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adi-ec561a14.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 02f3875150414ebd938aed56f5ec4998db2be8ed55f25751ea2d022c4c856243 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Wed, 14 Apr 2021 13:12:12 GMT Server nginx X-Powered-By PHP/7.1.13 ETag W/"ebadc3b25a8662991415a39814ec4260" Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age=21254400 Connection keep-alive Content-Type text/javascript;charset=UTF-8 Expires Thu, 16 Dec 2021 14:12:12 GMT Redirect headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Mon, 24 May 2021 11:01:34 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Location http://tas-bg.toboads.com/js/adi-ec561a14.js Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive
GET H/1.1	200 OK	zdr_right_quiz_vote.gif www.zdrave.bg/images/	734 B 988 B	72ms 66ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_quiz_vote.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 581b5d3edb9fc27999b016832d576b42d39a6702eacf9e9ec60d8c0a6917e381 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-2de" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 734
GET H2	200	all.js Show response connect.facebook.net/en_US/ Redirect Chain http://connect.facebook.net/en_US/all.js https://connect.facebook.net/en_US/all.js	3 KB 3 KB	21ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5ca792df66d9cba2835221b547f911cf39d9c1f5f5ef693feeed76120986164c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 7Avdykn20s6VhDJGIFbBcg== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1778 x-fb-rlafr 0 x-fb-debug JhgOPRZ+XCFnUSPGoNd1FB8B7k540kNG1nxEZ+Bhk96hkgB0t+axN8emA4XZrpswBY5rJ2du/9onHJQR4KXA0A== x-fb-trip-id 917726464 x-fb-content-md5 89afcaa30266d993c70fe7786b24fa18 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 24 May 2021 11:01:34 GMT vary Accept-Encoding report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "3131f6946f0b12d0e404f537bb234eb3" timing-allow-origin * priority u=3,i expires Mon, 24 May 2021 11:17:56 GMT Redirect headers Location https://connect.facebook.net/en_US/all.js#xfbml=1 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	bullet_orange_top_menu.gif www.zdrave.bg/images/	1 KB 1 KB	45ms 38ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_orange_top_menu.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 294a8041d261138b6673afb0ce72c680992d5a4091009aa655e6e79297f9d9df Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:44 GMT Server nginx ETag "51fb76a4-44c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1100
GET H/1.1	200 OK	zdrave_header_bottom_full_bg.gif www.zdrave.bg/images/	1 KB 2 KB	59ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_bottom_full_bg.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 97b37c3497e067d19d97bdf7b62b5749b3e132ca56220e5698d8d66d90757dd5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-536" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1334
GET H/1.1	200 OK	zdrave_header_container_bg.jpg www.zdrave.bg/images/	3 KB 3 KB	61ms 41ms	Image image/jpeg	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_container_bg.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 85d4ef637cacccef5919fa290c3c104c8682d939e7f0b1e4d0cfb67f09307778 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-be5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3045
GET H/1.1	200 OK	zdrave_dropdown_menu_bckgr_last.gif www.zdrave.bg/images/	169 B 422 B	61ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_dropdown_menu_bckgr_last.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash ff4c6510b024bdf4d4a38848129fe74137b0d2eb3acaee253854a51e385e2273 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-a9" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 169
GET H/1.1	200 OK	zdrave_dropdown_menu_bckgr_circle.gif www.zdrave.bg/images/	49 B 301 B	101ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_dropdown_menu_bckgr_circle.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e33d9e3eb211444580014e5a7ee28f61f8ad40ada8a191246ee2988cf9567285 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-31" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 49
GET H/1.1	200 OK	zdr_left_menu_plus.gif www.zdrave.bg/images/	4 KB 4 KB	59ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_menu_plus.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 866adec983f3c77bb4f6584cbffc36290ba9e0252b7ea388240e5e58fd8e6876 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-f34" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3892
GET H/1.1	200 OK	zdr_center_top_header.gif www.zdrave.bg/images/	3 KB 3 KB	88ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_top_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4f3a3090e0884756fa93224898619ab10c0bf0e216421914dc787287a76cedbc Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-a4c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2636
GET H2	200	pubads_impl_2021051901.js Show response securepubads.g.doubleclick.net/gpt/	310 KB 109 KB	112ms 39ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 19 May 2021 08:40:12 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111403 x-xss-protection 0 expires Mon, 24 May 2021 11:01:34 GMT
GET H/1.1	200 OK	zdr_bullet_romb.gif www.zdrave.bg/images/	134 B 359 B	131ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_bullet_romb.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 796c84eac5bb533e3ed7bf97fb67fa1d1ab6b6115f81a82c9d1994ea415f7a44 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-86" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 134
GET H/1.1	200 OK	zdr_center_header_faq.gif www.zdrave.bg/images/	3 KB 3 KB	80ms 40ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_header_faq.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4d6f39ef46419482e924286a45ce79748ed22edb7de4bafa7575597214ef373b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-c4c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3148
GET H/1.1	200 OK	zdrave_advice_header.gif www.zdrave.bg/images/	1 KB 1 KB	184ms 66ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_advice_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9ba6247d89411f5e450c2348f4605a57f12122b29cf102671929c26c905e66b1 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-43e" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1086
GET H/1.1	200 OK	zdrave_topic_accent_header.gif www.zdrave.bg/images/	2 KB 2 KB	103ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_topic_accent_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 350d86c0140550202426b067ebeb07ccdab9974634cd9679316cd8e72dcbfd7e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-7e7" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2023
GET H/1.1	200 OK	bullet_yellow_green_bg.gif www.zdrave.bg/images/	131 B 384 B	147ms 43ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_yellow_green_bg.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 1de6e720901fe5ca658c1323b895ef2d0a14508e1403cbfc1b18d938c610d452 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-83" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 131
GET H3-29	200	all.js Show response connect.facebook.net/en_US/	216 KB 64 KB	14ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=deaa5add8447b487281a061aebe01551&ua=modern_es6 Requested by Host: connect.facebook.net URL: http://connect.facebook.net/en_US/all.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 395038fcb61d6a8e7e30b6fa41998c9fb3e1966fc351fac3179b2c76ea50e712 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin http://www.zdrave.bg Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 AEO2en1PruijNJam2f2S9Q== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 65260 x-fb-rlafr 0 x-fb-debug jG/kngyjAr/3qn+gWWYu8jc7435SIWdrLqmejGI0YS4kmyIgp2EwK6YFOGkaCL3nIGCQnQbOGCmrIHk684EjPg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 ef4626b1367a8b88128506b7607aafe1 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 24 May 2021 11:01:34 GMT vary Accept-Encoding report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "4a9e291bf4e726e979514d40bd311a5f" timing-allow-origin * priority u=3,i expires Tue, 24 May 2022 10:45:18 GMT
GET H/1.1	200 OK	adl-d9566a3e.js Show response tas-bg.toboads.com/js/	367 B 759 B	50ms 50ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adl-d9566a3e.js?b=1&rq=867eee0c-5657-f1b7-235e-900baf749b75&vt=0349963d-4423-4d7b-8799-ec4af31ad846&isf=false&zn=533338dda&tm=0&af=300x250&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=0&srf=http%3A%2F%2Fwww.zdrave.bg%2F&loc=eq-srf&rn=13bf21b6-ee1c-f54b-1a2d-db0f785ed264&ct=320233a1-aa63-5f82-988e-8533ad99d205&c=hA_c_0_1158fe7c&ah=0& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 7f70c2b102a8ecb57dfd926d500bb2520a121626c3c95223693616a3c44a3b1a Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Mon, 24 May 2021 11:01:34 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age: 0 Connection keep-alive Content-Type text/javascript; charset=utf-8 Expires Mon, 24 May 2021 10:01:34 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	37ms 16ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.zdrave.bg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	37ms 16ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.zdrave.bg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	161 KB 47 KB	658ms 618ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2356426311948798&correlator=3243174720164507&output=ldjh&impl=fifs&eid=31061261%2C31060997%2C31060840&vrg=2021051901&ptt=17&sc=0&sfv=1-0-38&ecs=20210524&iu_parts=26641721%2Czdrave.bg_160x600%2Czdrave.bg_300x250%2Czdrave.bg_branding_megaboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%2C300x600%7C300x250%2C1x1%7C728x90%7C980x200&cookie_enabled=1&bc=23&abxe=1&lmt=1621854094&dt=1621854094312&dlt=1621854093883&idt=399&frm=20&biw=1600&bih=1200&oid=3&adxs=310%2C990%2C562&adys=811%2C283%2C37&adks=210898386%2C3271815912%2C192288229&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.zdrave.bg%2F&vis=1&scr_x=0&scr_y=0&psz=160x600%7C300x0%7C728x90&msz=160x-1%7C300x0%7C728x0&ga_vid=341891908.1621854094&ga_sid=1621854094&ga_hid=1777696023&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash dfba29a4c3f1d0929fc9ec238a5bf7cddde8241c0cb8b79052f78230287b0525 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48583 x-xss-protection 0 google-lineitem-id -1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin http://www.zdrave.bg cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	63ms 13ms	Other text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	28ms 6ms	Other text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	likebox.php Show response www.facebook.com/plugins/ Frame B59B Redirect Chain http://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255	15 KB 7 KB	67ms 52ms	Document text/html	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ba07339914d5ba49e1e86f8e7e9749f1f7089a1cea2ee14ac49b806bfb16144e Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers cache-control private, no-cache, no-store, must-revalidate content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" x-xss-protection 0 content-encoding br x-content-type-options nosniff report-to {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true} strict-transport-security max-age=15552000; preload expires Sat, 01 Jan 2000 00:00:00 GMT vary Accept-Encoding pragma no-cache x-fb-rlafr 0 content-type text/html; charset="utf-8" x-fb-debug KRK4iXjPGtQSwbixNAzih+NbqiKxg2x0eJ+3A9jpiR/q7/f9SvDRhFTtn/5RGeKkKPF/FIaYk4ZR86fseviw7w== date Mon, 24 May 2021 11:01:34 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Redirect headers Location https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Non-Authoritative-Reason HSTS
GET H2	200	ga.js Show response www.google-analytics.com/ Redirect Chain http://www.google-analytics.com/ga.js https://www.google-analytics.com/ga.js	45 KB 17 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/ga.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 426 date Mon, 24 May 2021 10:54:28 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Mon, 24 May 2021 12:54:28 GMT Redirect headers Location https://www.google-analytics.com/ga.js Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	xgemius.js Show response gabg.hit.gemius.pl/	39 KB 11 KB	74ms 50ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL http://gabg.hit.gemius.pl/xgemius.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash c228c36d795775c0690fa80b92d1ef651cb623772b3727ddb05cd5cd72aed1ef Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Content-Encoding gzip Last-Modified Thu, 20 May 2021 12:09:44 GMT Server GHC Vary Accept-Encoding,Origin P3P CP="NOI DSP COR NID PSAo OUR IND" Cache-Control max-age=43200 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Accept-Ranges none Content-Type application/x-javascript Keep-Alive timeout=10 Content-Length 10552 Expires Mon, 24 May 2021 23:01:34 GMT
GET H/1.1	200 OK	/ Show response bg.search.etargetnet.com/a/	574 B 1 KB	83ms 41ms	Script application/javascript	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL http://bg.search.etargetnet.com/a/?ref=69700 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 195.168.10.173 Bratislava, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash b1a6d5f4ffb9218e749c18808d39035c35fd82bae68544aa27bf7ac9c1dba6a8 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma cache Date Mon, 24 May 2021 11:01:34 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Y-Protected-By Bulbasaur/mblade01-01-c Cache-Control max-age=7200 Transfer-Encoding chunked Connection keep-alive X-Protected-By Bee/0.43 Content-Type application/javascript; charset=windows-1250 Expires Mon, 24 May 2021 13:01:34 GMT
GET H/1.1	200 OK	zdr_right_top_header.gif www.zdrave.bg/images/	2 KB 2 KB	39ms 39ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_top_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9cc2a05d65d6805b9ea06989155a430932bf4d994915a617ecaeab4dd2dc5bdf Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:44 GMT Server nginx ETag "51fb76a4-7de" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2014
GET H/1.1	200 OK	zdr_right_quiz_header.gif www.zdrave.bg/images/	2 KB 2 KB	42ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_quiz_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 45f03badef9166a1e3a0a32d90c2142aa3426de23b7729770328ce8d0853f0bc Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-67a" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1658
GET H/1.1	200 OK	bullet_orange.gif www.zdrave.bg/images/	53 B 305 B	42ms 41ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_orange.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 94e3d2444192a16a5440e24074941287108059b70bef2202a2bdcfd882f5a75b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-35" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 53
GET H/1.1	200 OK	adl-d9566a3e.js Show response tas-bg.toboads.com/js/	235 B 626 B	39ms 39ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adl-d9566a3e.js?b=2&rq=867eee0c-5657-f1b7-235e-900baf749b75&vt=0349963d-4423-4d7b-8799-ec4af31ad846&isf=false&zn=e45aec764&tm=0&af=0x0&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=0&srf=http%3A%2F%2Fwww.zdrave.bg%2F&loc=eq-srf&rn=d675995d-b918-8eba-4ef1-93f7fb03111e&ct=aeedc140-50fa-c8f0-c362-6283ff3a5d97&c=hA_c_1_bc7246f8&ah=0& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 2b4c6f1dad86c4064022d61d5fc4f916189c2be8419a9d331db0c517dd82d29c Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Mon, 24 May 2021 11:01:34 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age: 0 Connection keep-alive Content-Type text/javascript; charset=utf-8 Expires Mon, 24 May 2021 10:01:34 GMT
GET H3-29	200	__utm.gif www.google-analytics.com/r/ Redirect Chain http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=... https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...	35 B 54 B	29ms 14ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%D1%82%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%2C%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%20%D0%B4%D0%B5%D0%BD%20%7C%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.bg&utmhid=1777696023&utmr=-&utmp=%2F&utmht=1621854094390&utmac=UA-324471-1&utmcc=__utma%3D2577403.341891908.1621854094.1621854094.1621854094.1%3B%2B__utmz%3D2577403.1621854094.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1007574412&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1155415227&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%D1%82%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%2C%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%20%D0%B4%D0%B5%D0%BD%20%7C%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.bg&utmhid=1777696023&utmr=-&utmp=%2F&utmht=1621854094390&utmac=UA-324471-1&utmcc=__utma%3D2577403.341891908.1621854094.1621854094.1621854094.1%3B%2B__utmz%3D2577403.1621854094.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1007574412&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	loadingAnimation.gif www.zdrave.bg/	6 KB 6 KB	43ms 43ms	Image image/gif	78.90.206.186 MEGALAN
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/loadingAnimation.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 Sofia, Bulgaria, ASN35141 (MEGALAN, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=59f238645f8c3b54daa06ac7bb9c9bfb; etargetTimedXbg69700=1; __utmc=2577403; __utmz=2577403.1621854094.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utma=2577403.341891908.1621854094.1621854094.1621854094.1; __utmb=2577403.1.10.1621854094 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 24 May 2021 11:01:34 GMT Last-Modified Fri, 02 Aug 2013 09:06:39 GMT Server nginx ETag "51fb769f-16fe" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 5886
GET H2	200	runtime.js Show response gdpr.sportal.bg/	1 KB 1 KB	60ms 57ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/runtime.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 6b15ff8756e97e5bea28b6c68a88e362cc912702ac0e2a74b7f2fe0153fe95de Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-5de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	dependencies.js Show response gdpr.sportal.bg/	345 KB 123 KB	69ms 68ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/dependencies.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 529e7649235a7ada58f6f8e1ac45cc35a271ad3ca5f4e9499477d0039206b4e4 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-5657d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	app.js Show response gdpr.sportal.bg/	32 KB 9 KB	196ms 195ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/app.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash fe322532eb93c5b3c159a5f6456b53ebd4e8855e77964cccac8ae089e741f28a Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-7e7d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3-29	200	OKaFZw1LDFN.css www.facebook.com/rsrc.php/v3/yg/l/0,cross/ Frame B59B	26 KB 6 KB	14ms 7ms	Stylesheet text/css	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3/yg/l/0,cross/OKaFZw1LDFN.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 17764e99e1b1c1c6e65749a7b97b138557573de1a33cfe6449dbf6ca35b2eac2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://www.facebook.com Referer https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:58:47 GMT content-encoding br x-content-type-options nosniff content-md5 PQvfM7s9KWEkadVuTd/5BQ== cross-origin-resource-policy cross-origin content-length 6076 x-fb-rlafr 0 x-fb-debug PxzxjfMwUG1jAZxukZQK6HnfqNwFJ21eVgw5D2L2zqFBkjzMy+Sn8JXbiDabdkfXspWDaTDGdO/qQoC/QSlqrA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Mon, 23 May 2022 18:58:47 GMT
GET H2	200	fpdata.js Show response gabg.hit.gemius.pl/_sslredir/ Redirect Chain http://gabg.hit.gemius.pl/fpdata.js?href=www.zdrave.bg https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg	278 B 509 B	113ms 47ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 8c3d83d0cd601f5cd6f405e13d69a0799ad7a4edadd2cd27fba762de877cc65f Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT server GHC etag PRIVATE7520710249 p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control private, max-age=2592000 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 278 expires Wed, 23 Jun 2021 11:01:34 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT Server GHC P3P CP="NOI DSP COR NID PSAo OUR IND" Location https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg Cache-Control no-store, no-cache, must-revalidate, max-age=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Accept-Ranges none Keep-Alive timeout=10 Content-Length 0 Expires Sun, 23 May 2021 11:01:34 GMT
GET H2	204	ea24b8a97ba6cbd8 pixel.sitescout.com/iap/ Redirect Chain http://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8	0 191 B	145ms 50ms	Image text/plain	66.155.71.25 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:34 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 cache-control no-cache content-length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain http://ib.adnxs.com/seg?add=9942225 https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9942225 https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225	43 B 1 KB	30ms 29ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.39:80 AN-X-Request-Uuid 1c8b79e0-8df9-4305-8347-d37930f8450d Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.14:80 AN-X-Request-Uuid 2ed21092-b3db-4080-9d9a-545c57d441f2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	1dedaf03ba2c1838 pixel.sitescout.com/iap/ Redirect Chain http://pixel.sitescout.com/iap/1dedaf03ba2c1838 https://pixel.sitescout.com/iap/1dedaf03ba2c1838	0 191 B	145ms 50ms	Image text/plain	66.155.71.25 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/1dedaf03ba2c1838 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:34 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/iap/1dedaf03ba2c1838 cache-control no-cache content-length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain http://ib.adnxs.com/seg?add=9922745 https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9922745 https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745	43 B 1 KB	37ms 37ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.16:80 AN-X-Request-Uuid fbd8946f-0cd0-4eab-8550-30d38ee4ed72 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:34 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.232:80 AN-X-Request-Uuid b36e72b4-3b59-4ade-8d93-d89f7dd9700b Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	alt.php Show response tas-bg.toboads.com/ Frame 3CC0	5 KB 2 KB	30ms 30ms	Document text/html	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/alt.php?rq=867eee0c-5657-f1b7-235e-900baf749b75&vt=0349963d-4423-4d7b-8799-ec4af31ad846&brand=generic&af=300x250&clr_border=FFFFFF&clr_bg=FFFFFF&clr_title=4170a0&clr_link=fac588&clr_text=000000&nw=0&zn=533338dda& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 6b1ef4fccff6168cf7ef61c86050808e9f1a905b89cbecec7428337e380c882f Request headers Host tas-bg.toboads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.zdrave.bg/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers Server nginx Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.1.13 Cache-control private, max-age: 0 Date Mon, 24 May 2021 11:01:34 GMT Content-Encoding gzip
GET H2	200	rexdot.js Show response gabg.hit.gemius.pl/__/_sslredir/_1621854094573/ Redirect Chain http://gabg.hit.gemius.pl/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave... https://gabg.hit.gemius.pl/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2... https://gabg.hit.gemius.pl/__/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2...	169 B 428 B	34ms 33ms	Script application/x-javascript	78.128.6.44 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/__/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4yVxobavvFrM9JvqPoCRDqUFqYKvscbR7HCVNccjEIL.f7&vis=1 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.44 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-44.telehouse.bg Software GHC / Resource Hash 8dd1fe8d30fb02873c9d731445283bc4da3773794a4552cbfc4130ea7247ddac Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:34 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 169 expires Sun, 23 May 2021 11:01:34 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:34 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location /__/_sslredir/_1621854094573/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4yVxobavvFrM9JvqPoCRDqUFqYKvscbR7HCVNccjEIL.f7&vis=1 cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Sun, 23 May 2021 11:01:34 GMT
GET		purposes-bg.json vendorlist.consensu.org/	0 0
GET		vendorlist.json vendorlist.consensu.org/	0 0
GET H2	200	custom_purposes.json Show response gdpr.sportal.bg/	2 KB 1 KB	225ms 56ms	XHR application/json	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/custom_purposes.json Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/dependencies.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash e9b220c805348a7838456a6b487e3b23fa3534437804888f46f504c221c2d006 Request headers Accept application/json, text/plain, */* Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:34 GMT content-encoding gzip last-modified Wed, 05 Jun 2019 12:52:50 GMT server nginx etag W/"5cf7bb22-9f3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3-29	200	container.html Show response c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1FB	6 KB 3 KB	21ms 7ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Mon, 24 May 2021 11:01:34 GMT expires Tue, 24 May 2022 11:01:34 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 754E	6 KB 3 KB	18ms 8ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Mon, 24 May 2021 11:01:34 GMT expires Tue, 24 May 2022 11:01:34 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1ABC	6 KB 3 KB	14ms 9ms	Document text/html	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Mon, 24 May 2021 11:01:34 GMT expires Tue, 24 May 2022 11:01:34 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	28ms 14ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597303326658" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27994 x-xss-protection 0 expires Mon, 24 May 2021 11:01:35 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	38ms 18ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051901&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 87b3455b79fa7eef9d0ddc98a436e6337844aa4640f37a3c1ae8d4aee2c846af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D5F9	624 B 559 B	37ms 17ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 24 May 2021 11:01:35 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkH884qYCgBL_tnHTTd57oQfVYmUXoUUzCj93XMqcM9lLP3FmbKavbgpGMa; expires=Sat, 18-Jun-2022 11:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 24 May 2021 11:01:35 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame C1FB	111 KB 39 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 72164 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 14:58:51 GMT
GET H2	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame C1FB	6 KB 3 KB	33ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp_fy2019.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:41:59 GMT content-encoding gzip x-content-type-options nosniff age 1176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2661 x-xss-protection 0 server cafe etag 7752240862628680351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:41:59 GMT
GET H2	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame C1FB	17 KB 7 KB	32ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:55:04 GMT content-encoding gzip x-content-type-options nosniff age 391 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7009 x-xss-protection 0 server cafe etag 607056201285360291 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:55:04 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C1FB	42 B 63 B	65ms 64ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwPo0jgbw_xr_SLdrYMqrFywDtbbofQ7gjJ2sp5Z341qDM51_IODm9z8ThbeLEUc8vyEr5Y50oOLBHPd5aDqw6Bf0iOa8pBSP11JQdO6tuqCL0fPU Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame C1FB	2 KB 1 KB	23ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:00:29 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 11:00:29 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C1FB	119 KB 36 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame C1FB	13 KB 6 KB	23ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:56:53 GMT content-encoding gzip x-content-type-options nosniff age 282 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:56:53 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame C1FB	0 0	14ms 13ms	Image text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaReRbbc9MlBcTZqe3-gd2MNYfn20CX5feFu_1RqD53bjElQOqC9NI0g5l4GuZvT_1qHeDRl Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame B7EA	624 B 979 B	23ms 17ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 24 May 2021 11:01:35 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUk8bKxD94G_CjDAXDMlg5wHa7mfNtwEbIogiLGOyPzrQiOf6JCmhz1_XSCC; expires=Sat, 18-Jun-2022 11:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 24 May 2021 11:01:35 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 1ABC	111 KB 38 KB	25ms 13ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 72164 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 14:58:51 GMT
GET H3-29	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 1ABC	6 KB 3 KB	32ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp_fy2019.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:41:59 GMT content-encoding gzip x-content-type-options nosniff age 1176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2661 x-xss-protection 0 server cafe etag 7752240862628680351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:41:59 GMT
GET H3-29	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 1ABC	17 KB 7 KB	32ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:55:04 GMT content-encoding gzip x-content-type-options nosniff age 391 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7009 x-xss-protection 0 server cafe etag 607056201285360291 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:55:04 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1ABC	42 B 63 B	88ms 88ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Au0hgOp1sWBhYLgpdQ0SdbpoML86Igb6hNeMA4fHYAGL6IMa7cU4qRmR8WZe-Q5KJld3jTB4_KDS1H4by6Xc5ytVYACjgiqIvxFTxEXOYnGwMICw4 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1ABC	2 KB 1 KB	14ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:00:29 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 11:00:29 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1ABC	119 KB 36 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1ABC	13 KB 6 KB	14ms 8ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:56:53 GMT content-encoding gzip x-content-type-options nosniff age 282 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:56:53 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E154	624 B 558 B	17ms 16ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 24 May 2021 11:01:35 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnMM4-45AfYWY146WZLqr0qixf_4gJ1mnuYdJ1PhaPtaYQMINvhbgHhPNXr; expires=Sat, 18-Jun-2022 11:01:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 24 May 2021 11:01:35 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 754E	66 KB 25 KB	47ms 42ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKoo1V1g4q5wnfAqv4p0ohaXBVJ3GjSkU3f7-2wgp1Hf46ykmPaivjzRL3Gb359uuetqRpDeCWg2nMJYptQsrzrTxZPnalDIgWcZbb7scUpl95CjXq67oYbCmbwYAuWvHQMCBMgmz63TsdhZHhPr9x3oYkYg&dbm_d=AKAmf-CvZ0QinVsU13gWNFrcsIPORouXYt6MZJcrXQARRQ9ObPnsywflOlN0vd2_h_ehAwdZDTvv8BtFJ0eeNuB9pR56YWU0CfPoAaosJHKqbMrDAX91pgYi_-RWRbTRcFJVOwHb-r3QOKdtMT54MfPv8vjkE8yS9nEAs1hTxyMfr5X6AtLkFJO6yJJoxz7sU7nA7zRyU6CTuaYWbWkyCqCre-apCSZn5ycxemjuNzxTXG-ccywl4FaApCpW6QahFYNJqYw-urL2WYSTMEpP-tQSEpO8DSplZqWbPA8XAE7EroSNf2Wl-uqFjLr3r18c2r-zXilBzKry_OSBm-oP6kv4yf4VwJh_we9oYd35KVSCkSZhS--2cPqVDb1iROXylIccqdwCVG4QTvQo_-x_zZ3pKPGh9QT3QFBrKr-W2dpequ4THPa8TL3dbD1dW7o17dLqeKsAkzu8xjHjQ7-AaS-gjUZJAyhYr7qvABCG-Clxv_exYpOC2N7NF3TIuhOqtnr9Vyuwm8jBXLRh1HIhi1KcwOspryThdK1zgA7OYWqt06zPcjGkQmDgXhZGXdv3X6d3jVFSdj1SMjdmKtdo2poZysz-VyUMv7uYRbzTo44kxxDV6c4807nW8Ap0K9EtEQrjFzv8S1PuaPuGita13t5Xcss4STYlIaUPqCx_yOx51iL1PF_naNl_Ni-LkHHVDDViLXbsFqd9pK4gDziTs4F5jiYv943gnjz5C6_0_NPv580I787AJ0sS_7gK3v6bsgoXeUb4fdJycN0kuvXU9EYh8yZmZhc8KG1EemNTahEyP-VMw7yRvs3j-B17JEH6cTke7j2m5_Aebxhco9i-2m1s_QEaEm7UEbmDX7AOXJvJ19VmROie9yPl9xhsTe8kNAfdbQlVRT7ZNm-ZD6-N3asm1-Lf5hjV9SKSXLdzdp6fUzC3oUscVX26KscMptK7nDgApFajb_eAC8GU_07LNLWc3G84zjidLR-UUW8PzRhjKyZSOlV_IKyvq6m-D-EwIIRECQRuZt82uBqvruSEpha06iDAsDoWpgw7i13peZiJ26WyBld839tHT70jL1yh8RkNzcl2cBaWetyFtmBcIcRToeoAhqQGeVqDlgbfdtxQA7RmVqg2PZrvesGnny9orL-7Pfoj2CXjJuo7M7WY7wdDzqRvVIKgUjdw0TRfsPjl-h9o8HrklC85PrqgAtNW4PRyn8LqPbUaY4eNKI-OLh1IO2kSrCcybEWIDCSKtEIG-6xod2DDEuR30QjWAqqzYJkh2tleu87UBBkSe4J8du_bY3CqaVtNr1zTVWZO0NLGB0rpLF6VrthD5aPHZru5_SJBxKdlf5Dqtkc_1a8CRdIZTJdUy3iiLmNA28xwuwrTA4fcPJ_ssM23tYcoKEYCnpmtQwLj7OQQt3XEJaXGAU64EapPapCWRMr3LJQgHQiyskoVPZQ-r1RRs-N-nhUoKdTkypVYtsy2YJwUG3hW-nnKCQTyVvAEBJRM33CnM2Lbzj_G_4dZJJbYe36EB33wnxKjeqOcVUF357fY32-4FpRxOyAMyoyB_6d34CmHzbqmveOWD-PpvDDBvtxCFW6D150LMia56t-xEw-DGJVx3vpGv-vIgFm_pll0Q_JzIMFcGLYg9ANL175PIkQMcvxCnpaUR7APY-eufzENTGk19y3slJDh8Cn2M56439aPT3Vz9jp__jD5ZhsKamieat55qqP_7BTvg-i-ErN2Gaqa-3KPvuLQMGzMpBfCJJwrVf2lJpUXDy8543--KqaDV80KyJrpkPnCZC4fyBfNzzzMKPD1QRdbiOIP-Chx9XM8LrgwSm7txgdbi3u7V5Nyj6-CWoP8zf5wopHuwbY5BIQ0vkePVB7OS_16o4_rkLvF3qRlfYDfrJe5vy8TUaJ97PRkC2YMTdv93H9VtG93HHSDGrKDCEPwjHv5sFUrjob7Fo7om6IOZwnuva5r931yE1vbq_NrNCW9NPTQb8ZuiStUzYevCKIdbMgTR8gyEi5hJggvVpzCs2WgwG39S4rPOHbnSmmJsgF5c8QOH3gStAlBxduf73LJmLzZSWV5vW_A5EnGs8ZqVYBynh84CWZc5P_XYhnJs9Ctql5yAWZ6N4idzW2n7zTZ8tyJYluc6MPONHweSj68lwXnFBQWVNU6jLWIDMEhBmArZRw8xCGJZySgTaBn-kNyvALFdlQHJByRxFzHC9oBMGcC_zw8qfItZN9rPHLFmAz6INKfayMVIDLlNSeCk7B_SPWl5s67bGBxLfY27AoA-uI3K57Yg9fkdcLsSCdQNdrqvzUi-Ny_SkBDqvHFpDSZJC4bpgDdIqmnQYHIihNAHUr5ETarwj3xj5T2DGIJJrQ0IDp-MDp_AwBpp0V-Lbkb8cfpa-v1k0pVcfKCXPS8_QpDJvNu0kpuUl2gf42AZ4fCQ5L5oRbNM40TLLPQ3jCalOmVIwt65GTIQ62Y4muwcOFBlE3rrz2TxmEC4KRdOYHSpH3wfz3n-if7a5EvpaXBnAo1coW07uLiWVIqj89igbQ0KykfbF1WsYSHZoE7UUjbh5KAMfSHd228oZAQEv7b7dqb9kb4EfsU5K__gHuXaiJfOPjI1aRLVne7JWGcAVX7M-Z4310noP9avu-wqs8_o6kUy0OiyNnc8DpLvnJ6Dpr5OERdid2i7ZyuIFoCoRo2hbdeyjSc43fdzZCNANfSNkCMII8bq3z3CKAQrLBnnsKlaTQRkNfD8uWFS_AT4NEqIRtJ6Pvm005VF1vmPTe2F_SJoBVvNSLDYWavhfjj85F7AQst6ISEtQpdrxtUa92SlBc1-6dfdPsmUsozMWtAv-LhiD32Et4iN6I6hnpANjCqzfovt_twoa7zbxkm0MMNQmvKnsqG9ALU0o31LgNIOJ-6cL8cP6Qm2LSqkm-FbaFmQAK1HfOvMU6r8a-ZeSKEZQkygZlk2oai6YS--3LC_Mj7yk8R4_pl8Edw4YX0d6ZOicTGyc-tRTY_Ydptt3icTpmIkvgIzoBgmOEgv3me9cVHssoCbDOMjitviMfuWXX855jB6LBEjGHjZHklK4J4ue2_U3McDqHEkFTaHN8aDIJfkg&cid=CAASPeRoCosFFhcuezdu8b8HoW2vMFPnGj_4xjh9I5MeUxrEgpXavlKCNq-5mZ_eyLd71aY7anVhq-IQFLPMP30&rfl=1%2Chttp%253A%252F%252Fwww.zdrave.bg%252F%240 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4a7c7ffe0ec53b3fb1322470b0b4d01f189cfe61d021b19bbe3798eec6e534d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 754E	42 B 63 B	92ms 88ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaU8BoKxTpHokdUxOFRgLLyIeT8_AljkNs1m3EhRT5Did0nZVnwqVO4M1rO3Kn2w_Wx-zZYu6KiylZqqrzIiI_LER5IOzKo-JyJj7RgHuAPZdrpGs Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 754E	2 KB 1 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:00:29 GMT content-encoding gzip x-content-type-options nosniff age 66 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 11:00:29 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 754E	119 KB 36 KB	18ms 16ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 754E	13 KB 6 KB	11ms 9ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:56:53 GMT content-encoding gzip x-content-type-options nosniff age 282 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:56:53 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 754E	0 0	18ms 16ms	Image text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQex_PSS9njL_jHYvY1IVeSaoT0FZe163vtABid_ckO42rb7t3Y0rPI2RiWKovsB02i1WWp Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061261 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Mon, 24 May 2021 11:01:35 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C1FB	0 575 B	146ms 72ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFRm5Jjcvynda0AN5LLHCKOvowQkNRXupxaDb370wvCkstfgv6HP3gsLjM8jiOwil66oHkr6dbz1h85snIm1LDWyTJRpO5UiZ9frG_h8Wp8Xe-cCDmBpuZ5Zdt4BNWkiSZ1LutaUjuQUKJN61sFcdmWa2wrmTtb67F6utPfRzfqihPIM_yjW7dBlnidY9em50ayfOqJGAWRbDbcimseQbeabZr9di6ONa8JfVV15UpCCeHcaWVoQ6pr_6iDiDS1NHuPR9vJ8FcSHoRl51OLMwia63Ir9XKNwgzXr2jOwceEpR4WjexYcjXI9pD_V1KNzxCTAFt85VdXb_AgaaCpA9l3XF0Mnx4Y0MLUFCmvYkf_b5ntVGvXYEl1VRm5d2PKm7YUFqgo8ZiyLO19fO8NFJg0BjyovhQwe4mPWWccx-XWKBI3krza1Z1PJIkx4xqU-zHsrPtl39iVLeW6tpoko48OkDrl6Io3ZhONKZf75bxW-lGyKECM6TNVDf6Q6g8T4P6VET3CEYiAD0NBn7zeHosWCw29JhF7TU3_8IsV9lxqgtcNshn_PSgzeqQ_IjD5uajg3xLskBHNMYbQribpOdxriDjjcEg6kk_C-YXLzpW9xEMiKH-J82L5QzGjiCZlx1S3GWfcLj6rCB-X4gZj31Ll9VPcGSf1uZ6FBZH-1vhYUEBMhJnYl-xdYi0Uj8KhSdhR1OdSmTXP-5vRFiveWscVxJPmihZ3M6Bh3QdQGlP73uIJlva0uzRGZTZy-cisxmcvSzFekazxRf4GLXDdyVS5_dJCYIeoMyTagedzGL2sfgtH7qyF6FMs-l9JhVDevYNlW8NCRx3jVTJQyinV4i-fuKySNu3viW3c8c5JwMUxFvSfjMvsO4HVP9Rr8bbNfXxGTcnrU_NWJgx-zUu0-3sE23eP9cyWRHtA30CWVJzNHETrSEYLUid9XD9t1jQzeqaUcTfDPGo4AcGpGoPzAI4Mb0Bg2zcEua_GQEnFPp29Zu9Y-QhMO4r7xvqqdEesS2_MEu2-x0XWoVK8BAcv1JVjMoYk8YmVICcvyXgCN9yOZX8dm-bdW4LygfoGIHd6KX5JjVLbBzoqmzSVCY0l_dkwSquLVo7qhjp76TQPvc_XWdwYkvQQKv63qwnNewqAK-2KPQOqx2ZuA&sai=AMfl-YRf88tzOwLEoWsZ3xu_dAoCRMbF3xYA_wtr2FlaldngJR9cmc3vFT_dcS-ooQStY-c6jWaCL2H4V_LOOPGS_nK_7pJ7KqeFNObFXzdD79TI_AJR1BTwK1AOgHwNFFhjV2pxyVWSrWu85N4vS7FVucZqXw4O4lVAalP2VO5VIe70q6SQlidiaZe012H6DnqLMpiwNjrfSOWhmKr9eAcqPjWu1uN64v7Bl_pooJBCaVUQnKZWYybxQyK9YEbqQ5XVfcNT_VfuHJAsHz2EhLKJWLfDTBLynVMKwff65aEW7zUigH2y35WFZ5j4V-EWImAyVVx6j_LOrvLBGiAVevhw5bpubt5taGIfS4EnhKP80KdZJgncSJRCXXPd48HhIuCbxdV54fh3&sig=Cg0ArKJSzCcmKp5Nr_fhEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cisv=r20210517.80847&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Mon, 24 May 2021 11:01:35 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	14738646102007331591 s0.2mdn.net/simgad/ Frame C1FB	23 KB 23 KB	21ms 7ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/14738646102007331591 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0df5dc441968fd9e878f70c21b5a53d55949b208cdaa930297fdf0c171b72c09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:53 GMT x-content-type-options nosniff age 349122 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23429 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:59 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:53 GMT
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 754E	176 KB 61 KB	21ms 7ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 08:50:58 GMT content-encoding gzip x-content-type-options nosniff age 7837 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 08:50:58 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 754E	8 KB 3 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKoo1V1g4q5wnfAqv4p0ohaXBVJ3GjSkU3f7-2wgp1Hf46ykmPaivjzRL3Gb359uuetqRpDeCWg2nMJYptQsrzrTxZPnalDIgWcZbb7scUpl95CjXq67oYbCmbwYAuWvHQMCBMgmz63TsdhZHhPr9x3oYkYg&dbm_d=AKAmf-CvZ0QinVsU13gWNFrcsIPORouXYt6MZJcrXQARRQ9ObPnsywflOlN0vd2_h_ehAwdZDTvv8BtFJ0eeNuB9pR56YWU0CfPoAaosJHKqbMrDAX91pgYi_-RWRbTRcFJVOwHb-r3QOKdtMT54MfPv8vjkE8yS9nEAs1hTxyMfr5X6AtLkFJO6yJJoxz7sU7nA7zRyU6CTuaYWbWkyCqCre-apCSZn5ycxemjuNzxTXG-ccywl4FaApCpW6QahFYNJqYw-urL2WYSTMEpP-tQSEpO8DSplZqWbPA8XAE7EroSNf2Wl-uqFjLr3r18c2r-zXilBzKry_OSBm-oP6kv4yf4VwJh_we9oYd35KVSCkSZhS--2cPqVDb1iROXylIccqdwCVG4QTvQo_-x_zZ3pKPGh9QT3QFBrKr-W2dpequ4THPa8TL3dbD1dW7o17dLqeKsAkzu8xjHjQ7-AaS-gjUZJAyhYr7qvABCG-Clxv_exYpOC2N7NF3TIuhOqtnr9Vyuwm8jBXLRh1HIhi1KcwOspryThdK1zgA7OYWqt06zPcjGkQmDgXhZGXdv3X6d3jVFSdj1SMjdmKtdo2poZysz-VyUMv7uYRbzTo44kxxDV6c4807nW8Ap0K9EtEQrjFzv8S1PuaPuGita13t5Xcss4STYlIaUPqCx_yOx51iL1PF_naNl_Ni-LkHHVDDViLXbsFqd9pK4gDziTs4F5jiYv943gnjz5C6_0_NPv580I787AJ0sS_7gK3v6bsgoXeUb4fdJycN0kuvXU9EYh8yZmZhc8KG1EemNTahEyP-VMw7yRvs3j-B17JEH6cTke7j2m5_Aebxhco9i-2m1s_QEaEm7UEbmDX7AOXJvJ19VmROie9yPl9xhsTe8kNAfdbQlVRT7ZNm-ZD6-N3asm1-Lf5hjV9SKSXLdzdp6fUzC3oUscVX26KscMptK7nDgApFajb_eAC8GU_07LNLWc3G84zjidLR-UUW8PzRhjKyZSOlV_IKyvq6m-D-EwIIRECQRuZt82uBqvruSEpha06iDAsDoWpgw7i13peZiJ26WyBld839tHT70jL1yh8RkNzcl2cBaWetyFtmBcIcRToeoAhqQGeVqDlgbfdtxQA7RmVqg2PZrvesGnny9orL-7Pfoj2CXjJuo7M7WY7wdDzqRvVIKgUjdw0TRfsPjl-h9o8HrklC85PrqgAtNW4PRyn8LqPbUaY4eNKI-OLh1IO2kSrCcybEWIDCSKtEIG-6xod2DDEuR30QjWAqqzYJkh2tleu87UBBkSe4J8du_bY3CqaVtNr1zTVWZO0NLGB0rpLF6VrthD5aPHZru5_SJBxKdlf5Dqtkc_1a8CRdIZTJdUy3iiLmNA28xwuwrTA4fcPJ_ssM23tYcoKEYCnpmtQwLj7OQQt3XEJaXGAU64EapPapCWRMr3LJQgHQiyskoVPZQ-r1RRs-N-nhUoKdTkypVYtsy2YJwUG3hW-nnKCQTyVvAEBJRM33CnM2Lbzj_G_4dZJJbYe36EB33wnxKjeqOcVUF357fY32-4FpRxOyAMyoyB_6d34CmHzbqmveOWD-PpvDDBvtxCFW6D150LMia56t-xEw-DGJVx3vpGv-vIgFm_pll0Q_JzIMFcGLYg9ANL175PIkQMcvxCnpaUR7APY-eufzENTGk19y3slJDh8Cn2M56439aPT3Vz9jp__jD5ZhsKamieat55qqP_7BTvg-i-ErN2Gaqa-3KPvuLQMGzMpBfCJJwrVf2lJpUXDy8543--KqaDV80KyJrpkPnCZC4fyBfNzzzMKPD1QRdbiOIP-Chx9XM8LrgwSm7txgdbi3u7V5Nyj6-CWoP8zf5wopHuwbY5BIQ0vkePVB7OS_16o4_rkLvF3qRlfYDfrJe5vy8TUaJ97PRkC2YMTdv93H9VtG93HHSDGrKDCEPwjHv5sFUrjob7Fo7om6IOZwnuva5r931yE1vbq_NrNCW9NPTQb8ZuiStUzYevCKIdbMgTR8gyEi5hJggvVpzCs2WgwG39S4rPOHbnSmmJsgF5c8QOH3gStAlBxduf73LJmLzZSWV5vW_A5EnGs8ZqVYBynh84CWZc5P_XYhnJs9Ctql5yAWZ6N4idzW2n7zTZ8tyJYluc6MPONHweSj68lwXnFBQWVNU6jLWIDMEhBmArZRw8xCGJZySgTaBn-kNyvALFdlQHJByRxFzHC9oBMGcC_zw8qfItZN9rPHLFmAz6INKfayMVIDLlNSeCk7B_SPWl5s67bGBxLfY27AoA-uI3K57Yg9fkdcLsSCdQNdrqvzUi-Ny_SkBDqvHFpDSZJC4bpgDdIqmnQYHIihNAHUr5ETarwj3xj5T2DGIJJrQ0IDp-MDp_AwBpp0V-Lbkb8cfpa-v1k0pVcfKCXPS8_QpDJvNu0kpuUl2gf42AZ4fCQ5L5oRbNM40TLLPQ3jCalOmVIwt65GTIQ62Y4muwcOFBlE3rrz2TxmEC4KRdOYHSpH3wfz3n-if7a5EvpaXBnAo1coW07uLiWVIqj89igbQ0KykfbF1WsYSHZoE7UUjbh5KAMfSHd228oZAQEv7b7dqb9kb4EfsU5K__gHuXaiJfOPjI1aRLVne7JWGcAVX7M-Z4310noP9avu-wqs8_o6kUy0OiyNnc8DpLvnJ6Dpr5OERdid2i7ZyuIFoCoRo2hbdeyjSc43fdzZCNANfSNkCMII8bq3z3CKAQrLBnnsKlaTQRkNfD8uWFS_AT4NEqIRtJ6Pvm005VF1vmPTe2F_SJoBVvNSLDYWavhfjj85F7AQst6ISEtQpdrxtUa92SlBc1-6dfdPsmUsozMWtAv-LhiD32Et4iN6I6hnpANjCqzfovt_twoa7zbxkm0MMNQmvKnsqG9ALU0o31LgNIOJ-6cL8cP6Qm2LSqkm-FbaFmQAK1HfOvMU6r8a-ZeSKEZQkygZlk2oai6YS--3LC_Mj7yk8R4_pl8Edw4YX0d6ZOicTGyc-tRTY_Ydptt3icTpmIkvgIzoBgmOEgv3me9cVHssoCbDOMjitviMfuWXX855jB6LBEjGHjZHklK4J4ue2_U3McDqHEkFTaHN8aDIJfkg&cid=CAASPeRoCosFFhcuezdu8b8HoW2vMFPnGj_4xjh9I5MeUxrEgpXavlKCNq-5mZ_eyLd71aY7anVhq-IQFLPMP30&rfl=1%2Chttp%253A%252F%252Fwww.zdrave.bg%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:10 GMT content-encoding gzip x-content-type-options nosniff age 25 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 11:01:10 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 754E	22 KB 8 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKoo1V1g4q5wnfAqv4p0ohaXBVJ3GjSkU3f7-2wgp1Hf46ykmPaivjzRL3Gb359uuetqRpDeCWg2nMJYptQsrzrTxZPnalDIgWcZbb7scUpl95CjXq67oYbCmbwYAuWvHQMCBMgmz63TsdhZHhPr9x3oYkYg&dbm_d=AKAmf-CvZ0QinVsU13gWNFrcsIPORouXYt6MZJcrXQARRQ9ObPnsywflOlN0vd2_h_ehAwdZDTvv8BtFJ0eeNuB9pR56YWU0CfPoAaosJHKqbMrDAX91pgYi_-RWRbTRcFJVOwHb-r3QOKdtMT54MfPv8vjkE8yS9nEAs1hTxyMfr5X6AtLkFJO6yJJoxz7sU7nA7zRyU6CTuaYWbWkyCqCre-apCSZn5ycxemjuNzxTXG-ccywl4FaApCpW6QahFYNJqYw-urL2WYSTMEpP-tQSEpO8DSplZqWbPA8XAE7EroSNf2Wl-uqFjLr3r18c2r-zXilBzKry_OSBm-oP6kv4yf4VwJh_we9oYd35KVSCkSZhS--2cPqVDb1iROXylIccqdwCVG4QTvQo_-x_zZ3pKPGh9QT3QFBrKr-W2dpequ4THPa8TL3dbD1dW7o17dLqeKsAkzu8xjHjQ7-AaS-gjUZJAyhYr7qvABCG-Clxv_exYpOC2N7NF3TIuhOqtnr9Vyuwm8jBXLRh1HIhi1KcwOspryThdK1zgA7OYWqt06zPcjGkQmDgXhZGXdv3X6d3jVFSdj1SMjdmKtdo2poZysz-VyUMv7uYRbzTo44kxxDV6c4807nW8Ap0K9EtEQrjFzv8S1PuaPuGita13t5Xcss4STYlIaUPqCx_yOx51iL1PF_naNl_Ni-LkHHVDDViLXbsFqd9pK4gDziTs4F5jiYv943gnjz5C6_0_NPv580I787AJ0sS_7gK3v6bsgoXeUb4fdJycN0kuvXU9EYh8yZmZhc8KG1EemNTahEyP-VMw7yRvs3j-B17JEH6cTke7j2m5_Aebxhco9i-2m1s_QEaEm7UEbmDX7AOXJvJ19VmROie9yPl9xhsTe8kNAfdbQlVRT7ZNm-ZD6-N3asm1-Lf5hjV9SKSXLdzdp6fUzC3oUscVX26KscMptK7nDgApFajb_eAC8GU_07LNLWc3G84zjidLR-UUW8PzRhjKyZSOlV_IKyvq6m-D-EwIIRECQRuZt82uBqvruSEpha06iDAsDoWpgw7i13peZiJ26WyBld839tHT70jL1yh8RkNzcl2cBaWetyFtmBcIcRToeoAhqQGeVqDlgbfdtxQA7RmVqg2PZrvesGnny9orL-7Pfoj2CXjJuo7M7WY7wdDzqRvVIKgUjdw0TRfsPjl-h9o8HrklC85PrqgAtNW4PRyn8LqPbUaY4eNKI-OLh1IO2kSrCcybEWIDCSKtEIG-6xod2DDEuR30QjWAqqzYJkh2tleu87UBBkSe4J8du_bY3CqaVtNr1zTVWZO0NLGB0rpLF6VrthD5aPHZru5_SJBxKdlf5Dqtkc_1a8CRdIZTJdUy3iiLmNA28xwuwrTA4fcPJ_ssM23tYcoKEYCnpmtQwLj7OQQt3XEJaXGAU64EapPapCWRMr3LJQgHQiyskoVPZQ-r1RRs-N-nhUoKdTkypVYtsy2YJwUG3hW-nnKCQTyVvAEBJRM33CnM2Lbzj_G_4dZJJbYe36EB33wnxKjeqOcVUF357fY32-4FpRxOyAMyoyB_6d34CmHzbqmveOWD-PpvDDBvtxCFW6D150LMia56t-xEw-DGJVx3vpGv-vIgFm_pll0Q_JzIMFcGLYg9ANL175PIkQMcvxCnpaUR7APY-eufzENTGk19y3slJDh8Cn2M56439aPT3Vz9jp__jD5ZhsKamieat55qqP_7BTvg-i-ErN2Gaqa-3KPvuLQMGzMpBfCJJwrVf2lJpUXDy8543--KqaDV80KyJrpkPnCZC4fyBfNzzzMKPD1QRdbiOIP-Chx9XM8LrgwSm7txgdbi3u7V5Nyj6-CWoP8zf5wopHuwbY5BIQ0vkePVB7OS_16o4_rkLvF3qRlfYDfrJe5vy8TUaJ97PRkC2YMTdv93H9VtG93HHSDGrKDCEPwjHv5sFUrjob7Fo7om6IOZwnuva5r931yE1vbq_NrNCW9NPTQb8ZuiStUzYevCKIdbMgTR8gyEi5hJggvVpzCs2WgwG39S4rPOHbnSmmJsgF5c8QOH3gStAlBxduf73LJmLzZSWV5vW_A5EnGs8ZqVYBynh84CWZc5P_XYhnJs9Ctql5yAWZ6N4idzW2n7zTZ8tyJYluc6MPONHweSj68lwXnFBQWVNU6jLWIDMEhBmArZRw8xCGJZySgTaBn-kNyvALFdlQHJByRxFzHC9oBMGcC_zw8qfItZN9rPHLFmAz6INKfayMVIDLlNSeCk7B_SPWl5s67bGBxLfY27AoA-uI3K57Yg9fkdcLsSCdQNdrqvzUi-Ny_SkBDqvHFpDSZJC4bpgDdIqmnQYHIihNAHUr5ETarwj3xj5T2DGIJJrQ0IDp-MDp_AwBpp0V-Lbkb8cfpa-v1k0pVcfKCXPS8_QpDJvNu0kpuUl2gf42AZ4fCQ5L5oRbNM40TLLPQ3jCalOmVIwt65GTIQ62Y4muwcOFBlE3rrz2TxmEC4KRdOYHSpH3wfz3n-if7a5EvpaXBnAo1coW07uLiWVIqj89igbQ0KykfbF1WsYSHZoE7UUjbh5KAMfSHd228oZAQEv7b7dqb9kb4EfsU5K__gHuXaiJfOPjI1aRLVne7JWGcAVX7M-Z4310noP9avu-wqs8_o6kUy0OiyNnc8DpLvnJ6Dpr5OERdid2i7ZyuIFoCoRo2hbdeyjSc43fdzZCNANfSNkCMII8bq3z3CKAQrLBnnsKlaTQRkNfD8uWFS_AT4NEqIRtJ6Pvm005VF1vmPTe2F_SJoBVvNSLDYWavhfjj85F7AQst6ISEtQpdrxtUa92SlBc1-6dfdPsmUsozMWtAv-LhiD32Et4iN6I6hnpANjCqzfovt_twoa7zbxkm0MMNQmvKnsqG9ALU0o31LgNIOJ-6cL8cP6Qm2LSqkm-FbaFmQAK1HfOvMU6r8a-ZeSKEZQkygZlk2oai6YS--3LC_Mj7yk8R4_pl8Edw4YX0d6ZOicTGyc-tRTY_Ydptt3icTpmIkvgIzoBgmOEgv3me9cVHssoCbDOMjitviMfuWXX855jB6LBEjGHjZHklK4J4ue2_U3McDqHEkFTaHN8aDIJfkg&cid=CAASPeRoCosFFhcuezdu8b8HoW2vMFPnGj_4xjh9I5MeUxrEgpXavlKCNq-5mZ_eyLd71aY7anVhq-IQFLPMP30&rfl=1%2Chttp%253A%252F%252Fwww.zdrave.bg%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:59:45 GMT content-encoding gzip x-content-type-options nosniff age 110 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 10:59:45 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame DCD5	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Mon, 24 May 2021 10:59:37 GMT expires Tue, 24 May 2022 10:59:37 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 118 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6441	783 B 530 B	16ms 15ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3759a87fdceed91b7000136e64bc60227dfb99bac61fa6956215107b42cfeb4c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-axCaqkhf+rplPuv0J9qy+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://www.zdrave.bg/ Response headers expires Mon, 24 May 2021 11:01:35 GMT date Mon, 24 May 2021 11:01:35 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-axCaqkhf+rplPuv0J9qy+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 511 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 1ABC	0 61 B	163ms 108ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHbWvAQCFHImlMxHIXBpkYq4C3Pginm7hh7XreFM1dmlwniIT5BSoT9r-LnABuzPYVtUiiWXn4jjfZxrO9KBgJIBek1IHEwa-E0dgmnIc57cJDduqvyi7YcLl28JcB5QhaNIKxEwfgVpHhJYuhJilrg0v0ks2e8S1a7cuw1eRcjSzFr3xJTqgSbr9SuS3c_LGorHk5lkPM8RCq_-END2uOr9KjH-JTAvIUb6bju3-21k69qnTrpi80mIH1rn2ehc-Eqn1aP95G4WQlt_G0ouL0PAiNAWNvVEnDnjgqnN3DELJVm4LPOcgnuhvSYZ_YSWGDM60ZxS1FB3-8X_YPdJPjAshY_bXlw0PaTKpVSTPo9w-o75UKqNf21Xp2QuWEDseE8478OXnF3oS7hFWMkTHRe1wQOUPy-kPl1yWznEQOkcsO4f6rqnTc2u8YM9dGsEQPagw6BnW6jd_87ftQRbQgav8PqLRIq-hOXZifOQzz_mjoQewMNG9NvelIUj9g04GtJSd7WGCEGRCQiJA5PNLIhJWsDEbrSpNV7dKehUNo08jZjfFP1vYEUN_m9acQEYI0PzSgJbtlMgPCJKc8H3dwlUwsbQ2yeemDZwP-jW_n57hzmNSbQMK-c9n4ZeibRhclVp0ivha2BtsdONHjpNm9mjxkYAidX0mTNnuPCkS-B-fsg5pvz4h5AocRKdGSybhpEDM4-ITkORd5MJ7MXdib1FNZdyP8_dXhvnSm5X6lAzp45xlCfPFwk2ejin7uglczaBER6P6rmd9fB_Ou5xliFnFHGzj_82bgkQRBfF4HAWXzHv2KHBmX3po6GBQOqO2L2eob-u2hPZ9Rll6YUiPVGXDSp3yQFZGq-TUhdDtPDq67hJVlYK4Zsjqw-Ahkgm-D13zVfxTzmT1jwrqFofmZ7MTQAQbmuAjVgSQVXgDVkikI_u762ysgoYSXDo-QRYd5VOhUS6HSTM57oy8kp-dzP-1qnkA89fb-NAT-4oSnQIFRb99Qd9Q0hB0Y3gwL2sl-USVE3-FiVEA1V5tkdxq3o9bNDzF1wQNXI3ZWpx4gkTEHWAYTRArO6QPUT7M3nSg0oTDzOQ7-8iTqGUErOPdhsxAX8zKwVZ-OkBXgO3SXRdU05gcMdAA_vTpW6LWVQl2pCdcKtIYpvD9f&sai=AMfl-YSiMdYIWzH4-1nJrPcZezgbF6Vgg_5Ah5W36Ha8BlwGLZyBcPaWyY6YMdFxwxM1J_FMb_Goz-o9EpkPIDhjdkuRuI3bxtn5nBnI2J8U3wmYBnsyv2i-lQWYAkP9ev93_vLKPyYyb6S1NpZzpWy45G6gcYfIqXGdyG1Tf-tpEz7BW2WuLO8IsHzO0566KygiTEutL7wffbJC13SAuFu9KU6mytkkVds29wjsnSi4Rs4PhvWREtBCtb8j7aNnoFB3krgF7KeTvurDCCytnb0dZcc71LMdxJf8KBj1N2bJt4SETBHqG_x-yabJnRH9vFwocztZpD-rww1ke-kMcSbTV9sS1Q6b-SLI5wmB560uZnKb1IdDkKKetJbdGsgMpU9K_wwKYcdN&sig=Cg0ArKJSzGu6Hy_UNoLkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=100&cbvp=1&cisv=r20210517.74463&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Mon, 24 May 2021 11:01:35 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	9978099517826932917 s0.2mdn.net/simgad/ Frame 1ABC	18 KB 18 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/9978099517826932917 Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21c5e42db8ea5fa72eda3b96d29a630822edbb8d701b0d526d938995a88cffa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18626 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:43 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame C1FB	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 08:14:30 GMT content-encoding gzip x-content-type-options nosniff age 10025 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 08:14:30 GMT
GET DATA	200 OK	truncated / Frame C1FB	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dd41552af571167d5c6cc79d4341d4524b09beb4664500a4c98c1a1f45f96321 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame B7EA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1	43 B 1014 B	91ms 35ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame B7EA Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2	43 B 894 B	35ms 34ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame B7EA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1	43 B 1022 B	29ms 28ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.90:80 AN-X-Request-Uuid 1224e98c-010d-4d14-b907-df5a82e334dd Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B7EA Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D	170 B 232 B	71ms 45ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYvoiSqgEwAQ&v=APEucNXL3huH8tnjiW2Zvo93tHkNz6jxilCWZpw9Ouw397z2Ek6DkSTd4sbLv5QVWpm9u6wjQx9ZqzcBnGXeHZDqjf5pGTMEk_jaWGYKXVeolCwe4uZWDchEX9nTBZ6-eyqz7HeZgqtdqVYLvG0UtcjQ-2LiSZ0xVD9_JnyX1oCSCPW28IFSuupko9XE3xoanW0abCl8OP_cRmPPY1-v38ds8K1f4nf79Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80 AN-X-Request-Uuid 52b3bcf0-3dcd-41e6-9517-5bd2130b55f4 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D5F9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1	43 B 1014 B	92ms 37ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D5F9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2	43 B 894 B	34ms 34ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D5F9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1	43 B 1023 B	30ms 29ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.232:80 AN-X-Request-Uuid 61ac706c-3660-4dc0-be15-9c871a3c4384 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame D5F9 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D	170 B 243 B	68ms 44ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYr5CSqgEwAQ&v=APEucNXcBe73f1eiKSM745zsnplS79kgR5dafDboZJPZgFOiJyKoeti2rdv8tY73xOZvyzRYTKl2MjfmjiY_-PWYSoClozsFUr55m2Kz3pufBSCoK5J4cf_mqevgOODy7QAbsTO2dPr1-zsAsnZj56IWG1OKDDmdH4YYiUYfhaS1m7dwyyvo-i-2ayEF3LRzfe-LyYlLC-aE9CJ9zCsgmqL2jIp0aAv6cw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.241:80 AN-X-Request-Uuid 14631760-2b2d-4dd3-bfb5-c5be82d6b742 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E154 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1	43 B 1014 B	90ms 34ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E154 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKuHjyJIlPisyZ0Zar.7vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2	43 B 894 B	35ms 35ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 24 May 2021 11:01:35 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMizDyvqLbiH39w1myzXOK0&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame E154 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1	43 B 1023 B	29ms 29ms	Image image/gif	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.250:80 AN-X-Request-Uuid 9e1da091-a4a7-4c90-8d71-82e13effdd20 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESELuiBdG2i7FdGtXYCY3soCA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame E154 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D	170 B 232 B	41ms 41ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjAi_psMAE&v=APEucNUbl2LK1atn_3nqmpK3zUwCDsenvc24zaUf9ErRb7ydzG8GAXggaTIaHNfSy1vHfzLf-OIYD1iFic3nta0CQK2Ti9zFC_SteHj4_OPXW9w2PTaW2MNKzNHTCtbeTIuMwzmi4T_d2tN-t-1Dp56DoxHjOZzswzalo4xRBJ3VZ0ZuMT74Q3ff9qzf47KFe0UoccvHmiFdCTSSK6MxSlx1xyxET6qXWg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 24 May 2021 11:01:35 GMT X-Proxy-Origin 91.132.139.60; 91.132.139.60; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.28:80 AN-X-Request-Uuid 21d2073b-63ac-4cbc-ae54-0756e371d96b Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1NTc4MjQyMDIwNjIzNDQ2Mw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 1ABC	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 08:14:30 GMT content-encoding gzip x-content-type-options nosniff age 10025 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 08:14:30 GMT
GET DATA	200 OK	truncated / Frame 1ABC	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 148db4ea5f15182bfa81bd75e64ac3f49ce6f0198642a8b64b7f94f533ad136b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame AB78	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 08:58:31 GMT expires Tue, 24 May 2022 08:58:31 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7384 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0185	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 08:58:31 GMT expires Tue, 24 May 2022 08:58:31 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7384 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/sadbundle/15743601408852623360/ Frame E3AF	80 KB 22 KB	15ms 14ms	Document text/html	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b42652fabe2fa543f37308cf595e4624cd65832febe986598d22936123067fdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * date Mon, 24 May 2021 11:01:35 GMT expires Tue, 24 May 2022 11:01:35 GMT cache-control public, max-age=31536000 last-modified Wed, 01 Apr 2020 08:17:02 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 754E	0 24 B	125ms 85ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqSFpkH757boIk1b3GSvJl7HWYoh6tH-llYQTBnJn3kKiMhKNcrNU4cNCmF4vxwjlxHPbpLg8vowYDELh_fv9gT9cwZXtj6h7ozqlCAFsaqgcxeo1Ba3D3Fo1StsHNwjxc_4JKGSA5txGAgZPk4wCwu8CzIjmctX_XJz3DUkGMciyMbO8JOdDKEgBApxB7NK7VstaNshr0GqPBCOZqBKWejE1wJFThE4LohkGNymVlNxj66_5-H3Xa82_7gQojFLbVep5GHpczdsWNvuQG7CHr5bW6t3zkQ5ycOkj8EtDNN_8IDF1aJHag1LcgJHyxIcFnwY3yAqVrFQiZVRIqfx51wmKN35Huiu1_svaCsgY0BdKVRzRaj3qD4VMQcT4GtHpUhSWnO2CUT3G0Fmt4jNxI0dFGYDWHRJxsz8Fx18KeBXRBr68ZiGugRMGrUWH71TtVq_DehtMNdjPHx8Fkw0ITHn0tchcHYA1rb08ZBcYvRBgBycqw2MeLdKG1ET3LoxQ7KVybIWS-gnGaQ0HzCCEimZH5B1ApqvvBeerBaIBUn08c_lgwSDsyo4vbeVo0VJ1U529BGgzzMAZViSTDvrNEcWm0sdD4EcyBnY2vZVK0GwGQPzst22IdD6YsCIaZbVkSqP9zPDSrvKndeeNxidLTjneRSSVf22IV5BkBjWK8Izp67oSKgVZh_tLcM8wDSZEz4UFEqW_D9Tc0K6Le0-BZSDM2MyGBQba7ZC0jsCBQbdtQ-xLPvIxn2QXjEzqFSxJ6ZTnNBP7IKOLDFsa3ebXvgoXE1bl7z1GSHq9USssouExwrmVXLXsbBkJ2ZQ3QpxQPlBA1sS2sWqn6i_WVNIZiRiwpI0BO-7hWnd488pZrcGbL7uLQQwlciLctspTxTE7BCh_iGIRp-lBI9d92D0ufhPAXoJFIi4CWx3CnqWidWBPPT5fSFdNHw18oRgrcRmxfWWA5Efj9KS50fvBgBPKKbmuFF7WPRToZmpf6Jtsrau3_3NchOm9I3aQLeUh7jTekDkNWno9ywUK8s9-de1NrEA9VqF8k5ax19TMweacH7d_WuzfhGJtTL2BSGlHxin76zCfiDOtrE_rT0xS6Yb87i9f1lk-izHrFYd42btTKS-DJOAWuNHv5xOhysp8ihJki3h8a_drJVU0D6t-bNtWp6aCSA9kr7lKAVS5cS7Qqxnp_pmdKBugbYQ&sai=AMfl-YTluEvGEELBvyWBN2TnDuaEblVqRk6m3k576XgpZO3iAnC-r1I5XZMo1nmIKDJBVKrz41Y0ifG_yZ3_cEjhUVyODnwqEmNAIQGsjo2SWXF9cAXtpFC92xr5nLg5K1_bwTyEXd_oqj6pqujxdill36KYRhFGZ1pi5ObMjx2K-ShaW6guAT44OpvdRTfL6NsuQ3hDhnwkl3VMh-g34DuEQfoNgF4yEOGCim2PESDVHQ&sig=Cg0ArKJSzKuism7xu9bIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=141&cisv=r20210517.79798&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Mon, 24 May 2021 11:01:35 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 754E	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com URL: https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 08:14:30 GMT content-encoding gzip x-content-type-options nosniff age 10025 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 08:14:30 GMT
GET DATA	200 OK	truncated / Frame 754E	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6c474d065de4f6165608ce8cc65c35b2499334f4983c50f5f176e7f8f63e2b4 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 8D95	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 08:58:31 GMT expires Tue, 24 May 2022 08:58:31 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7384 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	css fonts.googleapis.com/ Frame E3AF	5 KB 782 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:regular,800|EB+Garamond:500 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44c7123ade4abb91d08593cea447f996c16eda49981808448b80b99e21d5e96f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 24 May 2021 09:58:38 GMT server ESF date Mon, 24 May 2021 11:01:35 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	Enabler_01_242.js Show response s0.2mdn.net/879366/ Frame E3AF	107 KB 37 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_242.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:12:03 GMT content-encoding gzip x-content-type-options nosniff age 2972 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37452 x-xss-protection 0 last-modified Thu, 06 Feb 2020 15:49:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 10:12:03 GMT
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame DCD5	14 KB 6 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 59283 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
GET H3-29	200	NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response pagead2.googlesyndication.com/bg/ Frame AB78	14 KB 6 KB	32ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:29:55 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 1900 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5770 x-xss-protection 0 expires Tue, 24 May 2022 10:29:55 GMT
GET H3-29	200	NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response pagead2.googlesyndication.com/bg/ Frame 0185	14 KB 6 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:29:55 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 1900 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5770 x-xss-protection 0 expires Tue, 24 May 2022 10:29:55 GMT
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v19/ Frame E3AF	46 KB 46 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:regular,800|EB+Garamond:500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 02:03:02 GMT x-content-type-options nosniff last-modified Thu, 28 Jan 2021 22:37:32 GMT server sffe age 377913 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47272 x-xss-protection 0 expires Fri, 20 May 2022 02:03:02 GMT
GET H2	200	SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-2fRkBI9_.woff2 fonts.gstatic.com/s/ebgaramond/v15/ Frame E3AF	30 KB 30 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ebgaramond/v15/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-2fRkBI9_.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:regular,800|EB+Garamond:500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e09f5b58905d6e08f85cf8aa46b82bd7b3d2cbb00bdd5934591381dfa71df61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 10:03:50 GMT x-content-type-options nosniff last-modified Thu, 28 Jan 2021 21:09:04 GMT server sffe age 89865 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30328 x-xss-protection 0 expires Mon, 23 May 2022 10:03:50 GMT
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame 8D95	14 KB 6 KB	31ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 59283 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 754E	0 23 B	69ms 69ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqSFpkH757boIk1b3GSvJl7HWYoh6tH-llYQTBnJn3kKiMhKNcrNU4cNCmF4vxwjlxHPbpLg8vowYDELh_fv9gT9cwZXtj6h7ozqlCAFsaqgcxeo1Ba3D3Fo1StsHNwjxc_4JKGSA5txGAgZPk4wCwu8CzIjmctX_XJz3DUkGMciyMbO8JOdDKEgBApxB7NK7VstaNshr0GqPBCOZqBKWejE1wJFThE4LohkGNymVlNxj66_5-H3Xa82_7gQojFLbVep5GHpczdsWNvuQG7CHr5bW6t3zkQ5ycOkj8EtDNN_8IDF1aJHag1LcgJHyxIcFnwY3yAqVrFQiZVRIqfx51wmKN35Huiu1_svaCsgY0BdKVRzRaj3qD4VMQcT4GtHpUhSWnO2CUT3G0Fmt4jNxI0dFGYDWHRJxsz8Fx18KeBXRBr68ZiGugRMGrUWH71TtVq_DehtMNdjPHx8Fkw0ITHn0tchcHYA1rb08ZBcYvRBgBycqw2MeLdKG1ET3LoxQ7KVybIWS-gnGaQ0HzCCEimZH5B1ApqvvBeerBaIBUn08c_lgwSDsyo4vbeVo0VJ1U529BGgzzMAZViSTDvrNEcWm0sdD4EcyBnY2vZVK0GwGQPzst22IdD6YsCIaZbVkSqP9zPDSrvKndeeNxidLTjneRSSVf22IV5BkBjWK8Izp67oSKgVZh_tLcM8wDSZEz4UFEqW_D9Tc0K6Le0-BZSDM2MyGBQba7ZC0jsCBQbdtQ-xLPvIxn2QXjEzqFSxJ6ZTnNBP7IKOLDFsa3ebXvgoXE1bl7z1GSHq9USssouExwrmVXLXsbBkJ2ZQ3QpxQPlBA1sS2sWqn6i_WVNIZiRiwpI0BO-7hWnd488pZrcGbL7uLQQwlciLctspTxTE7BCh_iGIRp-lBI9d92D0ufhPAXoJFIi4CWx3CnqWidWBPPT5fSFdNHw18oRgrcRmxfWWA5Efj9KS50fvBgBPKKbmuFF7WPRToZmpf6Jtsrau3_3NchOm9I3aQLeUh7jTekDkNWno9ywUK8s9-de1NrEA9VqF8k5ax19TMweacH7d_WuzfhGJtTL2BSGlHxin76zCfiDOtrE_rT0xS6Yb87i9f1lk-izHrFYd42btTKS-DJOAWuNHv5xOhysp8ihJki3h8a_drJVU0D6t-bNtWp6aCSA9kr7lKAVS5cS7Qqxnp_pmdKBugbYQ&sai=AMfl-YTluEvGEELBvyWBN2TnDuaEblVqRk6m3k576XgpZO3iAnC-r1I5XZMo1nmIKDJBVKrz41Y0ifG_yZ3_cEjhUVyODnwqEmNAIQGsjo2SWXF9cAXtpFC92xr5nLg5K1_bwTyEXd_oqj6pqujxdill36KYRhFGZ1pi5ObMjx2K-ShaW6guAT44OpvdRTfL6NsuQ3hDhnwkl3VMh-g34DuEQfoNgF4yEOGCim2PESDVHQ&sig=Cg0ArKJSzKuism7xu9bIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&vt=11&dtpt=124&dett=3&cstd=141&cisv=r20210517.79798&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	prod_studio_01_242_configurablemodule.js Show response s0.2mdn.net/879366/ Frame E3AF	30 KB 10 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/prod_studio_01_242_configurablemodule.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_242.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 07:49:58 GMT content-encoding gzip x-content-type-options nosniff age 11497 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10358 x-xss-protection 0 last-modified Thu, 06 Feb 2020 15:49:49 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 07:49:58 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 1ABC	0 23 B	68ms 68ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHbWvAQCFHImlMxHIXBpkYq4C3Pginm7hh7XreFM1dmlwniIT5BSoT9r-LnABuzPYVtUiiWXn4jjfZxrO9KBgJIBek1IHEwa-E0dgmnIc57cJDduqvyi7YcLl28JcB5QhaNIKxEwfgVpHhJYuhJilrg0v0ks2e8S1a7cuw1eRcjSzFr3xJTqgSbr9SuS3c_LGorHk5lkPM8RCq_-END2uOr9KjH-JTAvIUb6bju3-21k69qnTrpi80mIH1rn2ehc-Eqn1aP95G4WQlt_G0ouL0PAiNAWNvVEnDnjgqnN3DELJVm4LPOcgnuhvSYZ_YSWGDM60ZxS1FB3-8X_YPdJPjAshY_bXlw0PaTKpVSTPo9w-o75UKqNf21Xp2QuWEDseE8478OXnF3oS7hFWMkTHRe1wQOUPy-kPl1yWznEQOkcsO4f6rqnTc2u8YM9dGsEQPagw6BnW6jd_87ftQRbQgav8PqLRIq-hOXZifOQzz_mjoQewMNG9NvelIUj9g04GtJSd7WGCEGRCQiJA5PNLIhJWsDEbrSpNV7dKehUNo08jZjfFP1vYEUN_m9acQEYI0PzSgJbtlMgPCJKc8H3dwlUwsbQ2yeemDZwP-jW_n57hzmNSbQMK-c9n4ZeibRhclVp0ivha2BtsdONHjpNm9mjxkYAidX0mTNnuPCkS-B-fsg5pvz4h5AocRKdGSybhpEDM4-ITkORd5MJ7MXdib1FNZdyP8_dXhvnSm5X6lAzp45xlCfPFwk2ejin7uglczaBER6P6rmd9fB_Ou5xliFnFHGzj_82bgkQRBfF4HAWXzHv2KHBmX3po6GBQOqO2L2eob-u2hPZ9Rll6YUiPVGXDSp3yQFZGq-TUhdDtPDq67hJVlYK4Zsjqw-Ahkgm-D13zVfxTzmT1jwrqFofmZ7MTQAQbmuAjVgSQVXgDVkikI_u762ysgoYSXDo-QRYd5VOhUS6HSTM57oy8kp-dzP-1qnkA89fb-NAT-4oSnQIFRb99Qd9Q0hB0Y3gwL2sl-USVE3-FiVEA1V5tkdxq3o9bNDzF1wQNXI3ZWpx4gkTEHWAYTRArO6QPUT7M3nSg0oTDzOQ7-8iTqGUErOPdhsxAX8zKwVZ-OkBXgO3SXRdU05gcMdAA_vTpW6LWVQl2pCdcKtIYpvD9f&sai=AMfl-YSiMdYIWzH4-1nJrPcZezgbF6Vgg_5Ah5W36Ha8BlwGLZyBcPaWyY6YMdFxwxM1J_FMb_Goz-o9EpkPIDhjdkuRuI3bxtn5nBnI2J8U3wmYBnsyv2i-lQWYAkP9ev93_vLKPyYyb6S1NpZzpWy45G6gcYfIqXGdyG1Tf-tpEz7BW2WuLO8IsHzO0566KygiTEutL7wffbJC13SAuFu9KU6mytkkVds29wjsnSi4Rs4PhvWREtBCtb8j7aNnoFB3krgF7KeTvurDCCytnb0dZcc71LMdxJf8KBj1N2bJt4SETBHqG_x-yabJnRH9vFwocztZpD-rww1ke-kMcSbTV9sS1Q6b-SLI5wmB560uZnKb1IdDkKKetJbdGsgMpU9K_wwKYcdN&sig=Cg0ArKJSzGu6Hy_UNoLkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=542&vt=11&dtpt=442&dett=3&cstd=541&cisv=r20210517.74463&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	index.html Show response s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	6 KB 2 KB	7ms 7ms	Document text/html	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74410bd7770424377b0162fb09bc4b3babf7ebe896f067882f3b1f09da17542c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /sadbundle/6850067813765477778/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1749 date Thu, 20 May 2021 10:02:43 GMT expires Fri, 20 May 2022 10:02:43 GMT last-modified Thu, 20 May 2021 08:10:40 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 349132 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame C1FB	0 23 B	95ms 95ms	Ping image/gif	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFRm5Jjcvynda0AN5LLHCKOvowQkNRXupxaDb370wvCkstfgv6HP3gsLjM8jiOwil66oHkr6dbz1h85snIm1LDWyTJRpO5UiZ9frG_h8Wp8Xe-cCDmBpuZ5Zdt4BNWkiSZ1LutaUjuQUKJN61sFcdmWa2wrmTtb67F6utPfRzfqihPIM_yjW7dBlnidY9em50ayfOqJGAWRbDbcimseQbeabZr9di6ONa8JfVV15UpCCeHcaWVoQ6pr_6iDiDS1NHuPR9vJ8FcSHoRl51OLMwia63Ir9XKNwgzXr2jOwceEpR4WjexYcjXI9pD_V1KNzxCTAFt85VdXb_AgaaCpA9l3XF0Mnx4Y0MLUFCmvYkf_b5ntVGvXYEl1VRm5d2PKm7YUFqgo8ZiyLO19fO8NFJg0BjyovhQwe4mPWWccx-XWKBI3krza1Z1PJIkx4xqU-zHsrPtl39iVLeW6tpoko48OkDrl6Io3ZhONKZf75bxW-lGyKECM6TNVDf6Q6g8T4P6VET3CEYiAD0NBn7zeHosWCw29JhF7TU3_8IsV9lxqgtcNshn_PSgzeqQ_IjD5uajg3xLskBHNMYbQribpOdxriDjjcEg6kk_C-YXLzpW9xEMiKH-J82L5QzGjiCZlx1S3GWfcLj6rCB-X4gZj31Ll9VPcGSf1uZ6FBZH-1vhYUEBMhJnYl-xdYi0Uj8KhSdhR1OdSmTXP-5vRFiveWscVxJPmihZ3M6Bh3QdQGlP73uIJlva0uzRGZTZy-cisxmcvSzFekazxRf4GLXDdyVS5_dJCYIeoMyTagedzGL2sfgtH7qyF6FMs-l9JhVDevYNlW8NCRx3jVTJQyinV4i-fuKySNu3viW3c8c5JwMUxFvSfjMvsO4HVP9Rr8bbNfXxGTcnrU_NWJgx-zUu0-3sE23eP9cyWRHtA30CWVJzNHETrSEYLUid9XD9t1jQzeqaUcTfDPGo4AcGpGoPzAI4Mb0Bg2zcEua_GQEnFPp29Zu9Y-QhMO4r7xvqqdEesS2_MEu2-x0XWoVK8BAcv1JVjMoYk8YmVICcvyXgCN9yOZX8dm-bdW4LygfoGIHd6KX5JjVLbBzoqmzSVCY0l_dkwSquLVo7qhjp76TQPvc_XWdwYkvQQKv63qwnNewqAK-2KPQOqx2ZuA&sai=AMfl-YRf88tzOwLEoWsZ3xu_dAoCRMbF3xYA_wtr2FlaldngJR9cmc3vFT_dcS-ooQStY-c6jWaCL2H4V_LOOPGS_nK_7pJ7KqeFNObFXzdD79TI_AJR1BTwK1AOgHwNFFhjV2pxyVWSrWu85N4vS7FVucZqXw4O4lVAalP2VO5VIe70q6SQlidiaZe012H6DnqLMpiwNjrfSOWhmKr9eAcqPjWu1uN64v7Bl_pooJBCaVUQnKZWYybxQyK9YEbqQ5XVfcNT_VfuHJAsHz2EhLKJWLfDTBLynVMKwff65aEW7zUigH2y35WFZ5j4V-EWImAyVVx6j_LOrvLBGiAVevhw5bpubt5taGIfS4EnhKP80KdZJgncSJRCXXPd48HhIuCbxdV54fh3&sig=Cg0ArKJSzCcmKp5Nr_fhEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=559&vt=11&dtpt=467&dett=3&cstd=559&cisv=r20210517.80847&adurl= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 24 May 2021 11:01:35 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	index.html Show response s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	6 KB 2 KB	7ms 6ms	Document text/html	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eeca11361ccb71b36bd139c494e62f32432676dee573217fde3a25ab555e9f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /sadbundle/15183235434496415763/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1757 date Thu, 20 May 2021 10:02:55 GMT expires Fri, 20 May 2022 10:02:55 GMT last-modified Thu, 20 May 2021 08:10:56 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 349120 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	17893905191705556908 s0.2mdn.net/simgad/ Frame E3AF	9 KB 9 KB	7ms 6ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/17893905191705556908 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d269737cf0b0ef26dad7fe8d8d66c38715e751bc9ba7cc376b184963edd0df7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 09:58:12 GMT x-content-type-options nosniff age 522203 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9637 x-xss-protection 0 last-modified Wed, 08 Apr 2020 09:27:13 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 May 2022 09:58:12 GMT
GET H3-29	200	11287498311743949427 s0.2mdn.net/simgad/ Frame E3AF	9 KB 9 KB	8ms 7ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11287498311743949427 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d632526f0ca2c9d07d82b76547da5c10b46ad3bf4cc48418a92dd99f59f254d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 14:42:45 GMT x-content-type-options nosniff age 591530 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8752 x-xss-protection 0 last-modified Wed, 08 Apr 2020 09:26:51 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 May 2022 14:42:45 GMT
GET H3-29	200	11259598296026678853 s0.2mdn.net/simgad/ Frame E3AF	75 KB 75 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11259598296026678853 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a58bc77b33bda4fc44854577dd9b840aec926b80387af5b1bef377cafd5a0ce6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 10:05:51 GMT x-content-type-options nosniff age 521744 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 76688 x-xss-protection 0 last-modified Wed, 08 Apr 2020 08:42:50 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 May 2022 10:05:51 GMT
GET H3-29	200	hp_styles.css s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	2 KB 759 B	9ms 8ms	Stylesheet text/css	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18255b774b4999acd66ce68140a485ef5fe49854f14b626f2c8013b5cf3ced7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT content-encoding gzip x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 732 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	tweenmax_2.1.2_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame C2B9	113 KB 39 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39910 x-xss-protection 0 last-modified Mon, 11 Mar 2019 14:29:26 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	hp_main.js Show response s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	3 KB 815 B	10ms 9ms	Script application/x-javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/hp_main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74ae031317e53bf393bf471edb200ba9c79c333dc85fa37304bec3a1a5bf6c7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT content-encoding gzip x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 788 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	hp_styles.css s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	2 KB 762 B	9ms 8ms	Stylesheet text/css	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebc0afe5540091b1c267fbd47aef48c658ceecbe0043587de55d737885eb1428 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:55 GMT content-encoding gzip x-content-type-options nosniff age 349120 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 735 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:55 GMT
GET H3-29	200	tweenmax_2.1.2_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 2DE3	113 KB 39 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:01:35 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39910 x-xss-protection 0 last-modified Mon, 11 Mar 2019 14:29:26 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 11:01:35 GMT
GET H3-29	200	hp_main.js Show response s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	3 KB 914 B	9ms 8ms	Script application/x-javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/hp_main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2832872b64699e12743fc8b57de8265e052df9d31391b5f8a3f08bcd8d548a9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:55 GMT content-encoding gzip x-content-type-options nosniff age 349120 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 887 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:55 GMT
GET H3-29	200	11259598296026678853 s0.2mdn.net/simgad/ Frame E3AF	75 KB 75 KB	6ms 6ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/11259598296026678853 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a58bc77b33bda4fc44854577dd9b840aec926b80387af5b1bef377cafd5a0ce6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15743601408852623360/index.html?e=69&leftOffset=0&topOffset=0&c=e7D9nr5Zoe&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 10:05:51 GMT x-content-type-options nosniff age 521744 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 76688 x-xss-protection 0 last-modified Wed, 08 Apr 2020 08:42:50 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 May 2022 10:05:51 GMT
GET DATA	200 OK	truncated / Frame E3AF	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3-29	200	Img01_1.jpg s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	13 KB 13 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/Img01_1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9984a0341e1ba4625eff9e91bd4092fbf67bb0bb9202b2c413375eeecdc9a0b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13155 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	Img01_2.jpg s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	16 KB 16 KB	11ms 10ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/Img01_2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d62893bd58aec627670aa52e90eeb8b1650787d80ec813fd669450a590091a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15923 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	txt02.png s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	3 KB 3 KB	10ms 9ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/txt02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca6ee53a1f9af113fa1f0850c54c0582fcd1e67c309ff3c0c62b3f2eeadd0cc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2594 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	badge.png s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	3 KB 3 KB	10ms 9ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/badge.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f482cecad0c4159b201122a69e87083987387cad3f78852f33e1ed85f67e667a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3201 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	cta.png s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	1 KB 1 KB	9ms 8ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f148b98b26ea2a715a60fe26a5a04c6a8aa0e4bab43bc160538d6b7ab98622f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1069 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	logo.png s0.2mdn.net/sadbundle/6850067813765477778/ Frame C2B9	9 KB 9 KB	8ms 8ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6850067813765477778/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68ac1fbaaada9cb32ca1b7a863dfb13be98be092908264be65b9896500484770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/6850067813765477778/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:43 GMT x-content-type-options nosniff age 349132 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8769 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:40 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:43 GMT
GET H3-29	200	Img01_1.jpg s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	54 KB 54 KB	11ms 10ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/Img01_1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9f870c18ac6962b108073db77fd2d4fdfbd1534571ba880f313ca73ecb81fcc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 54998 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	200	Img01_2.jpg s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	25 KB 25 KB	10ms 9ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/Img01_2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 838b223d12fd6e5ed2fdd1f3d7a10ba9957017c52e6d54c4af2fb69b3056ec9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25868 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	200	badge.png s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	4 KB 4 KB	11ms 10ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/badge.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e6ea4b517aae781d7883729d730ba5be2e921fd1dad28bcb4f63095dfd1ee3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4387 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	200	txt02.png s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	2 KB 2 KB	10ms 9ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/txt02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97f701beb443b7383b89b626f8a4043b3df05ff429fd41d33a571dbce29520b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2216 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	200	cta.png s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	912 B 942 B	9ms 8ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78a25322d1655d1f3509b8d0b1e432382035ad053f3ebf84ccffccfde029e1ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 912 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	200	logo.png s0.2mdn.net/sadbundle/15183235434496415763/ Frame 2DE3	3 KB 3 KB	11ms 11ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/15183235434496415763/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0dd8a3889af40ff69924d787b5ba1e38953225c9b0c6e896e5906ee72239ffd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15183235434496415763/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:56 GMT x-content-type-options nosniff age 349119 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3199 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:56 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:56 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AB78	0 20 B	89ms 89ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC0o9joerYLOfGdSpx_AP9LCqiAgAAAAAOAHgBAI&bg=!AwClAETNAAZ7hX_Ue4U7ACkAdvg8WmygH8ENVoDyuXq95qNluhMlQEVWjGC4hjmaANcYpNPuawCj7AIAAAFvUgAAADtoAQcKAEUjRf0XjNK6exIZ9CJsaq5tWK7uw2WTkHGGN-eo20bEDyLzSdbKH267-kDEhJHMjPEkIXOFPqbvgUO7ZPg-eQ0dnvrRosqZAo_8_c1G6a59PKVXEWVRRAs9kNdztvR6AZfaKQilpTdd4UamANu47TLUieg1v3cn_C9fwZv9X-R4LG3jonS0CSbkTw4kIgCuwV5KrurA5XaRghw3a0PMENgWUE7_BcQi-sbWccUVEQwNoXlwzL4ouQHmx8qt9-nL87qehokaZ9pyNKmRBog_F_djsxd6asdrR2aeItvfZsDWbmMlxeARC4cXTUBstCBl5qOYIsSr_H1dHrUjebZr0GmPCdGsI5tdefsQDDQYWOgsNn6Tvs-yz4fw4AYy-8ioy3bRK3PEOhcpbLJ1Pg-XBWyR5_j-fM3nXkH4XGAdyls_1h23J7cp2bLEPZzLHbX3mspILhpt6J7WhhgMvE97ohBZ59xdyMsKPgHdzotnz2HmdJ9D4QMWL6_rV3EAUqa3BMTNhkNWqUc2GMheNUZVwUt7BSLRv-k1x1NN1nTO_YhWOZEN-ZmMy6oZFO_3pn88nXxP8DUuG4cXZd6zXYesL5UdzX_tXqtKJHRrN3Q9YkrrhqsxwJNpejkbJp7LGAncaaVFHI4g-kBN1PtHO-T4qJo7rHqpOuvVbog-Ww1PBv2SghBckS8BPn8smpcjCAXZYwrG9TPJvDzNZMoZFayE4DRIjZOTmvAIon3PnxHIvPdzb0Gjso7HP4KM0-tAveKGFX8mTWmG49dupALD8aDxE0olLgKy8ifZtD4cpiHgRvk4nqRmUVdryeVPuOv_dmdqcyraI8WYo6Kx0zHNMF9xrFWcXtfxZlEURax3pgXJ5Ogm0oRUVrdUFHiDRzDuE5yu4lv5YYMB1bSDsdhJsZnUnDnL9rxE1gqz9SG60qudbZJ73fSYCkKi_l1TbxxZqbKsmgVF5xkepwms Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	97ms 97ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051901&jk=2356426311948798&bg=!LyylLGjNAAZ7hX_Ue4U7ACkAdvg8WvRA9wCEabMkk5NSkl8-WvdcJBwmu1u-dhHRIGLqKXUd3HQGlAIAAAF5UgAAADpoAQeZAkAjXa2pK7wC4_NN8ZuoHulAd-WSsqPjycbI14921ip6ywS7dKjQdkGUPcTs38RAC1Q0sez2KpzBG9EemZ8SSZZl9ArZsg-3rtp3quKTbgNqSdJXkJ1viMQqipSdSQJfVuCYH_lEzXHAFrarouggadGkl0mG42GaooJD5wd-AFUmA0IoyJPWKnfGPVbjtF0DXjTO_VoDE1qL5UTPtJhFx1d408teeRnJCQ13iniR-uU-aT3hRrpMbwsSf8dttKsaQN8MSsALiuglelzsDsYL_4PifjPZSk2Lb1WRLkyi0iNG5fS3jxeFvZIxM6JfJoR6Osze5UoIF6anMKwy7lIOyqyh4ASEw163pVQ8SjXCAX8fyD4sFGZfUzv9VQUiM2uv6wswS1b6npr2FB-UDD6Uodna1d4RXeM0L-i9VJORS5zPh8RnEvqQmApW7BT131iA0GB491yrOsiqUyklinN_lIFUhNc_iXYjFIsXwjeHbxJvl6CuFhGfjGN8hIi9FsyPJCF4712Pr2ek1x0BC34ZiTzJnEiWbhRz0rfv1bIsPZvLJZsc17BseGslT5KgxIkHa8sMVsuNCUaalQGlMGocvKvdmzBTfr-jathXdQ1H9rY4U94dKdh4eXzsUENxSGnibwdOD-TIVqqu1XaR9_vQbuSutmfFcfi_gTQB1mQ42PREeUV7h2XchGgmYDjx1qW-otS3jR1ojnCRN8MMoX7uPImH3Nignji8KtbD-0JeSeK607w2GY2nOTNTg4lLKoDQky8 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0185	0 20 B	95ms 95ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaF99joerYLWfGdSpx_AP9LCqiAgAAAAAOAHgBAI&bg=!1Nel15PNAAZ7hX_Ue4U7ACkAdvg8WoHNh9odpKlh041bfJbpAXC4Rsa6w5s3-vaaLoahLoGKOGiMpQIAAAF7UgAAAC1oAQcKABgxCpEIljsGbtjz8wc8-99lAmlhcmEcg7qZAogUkCCGT3fZUNjYsD235Td7d_BUL__Aygh2Ijf7YeLTtaSdEnyVhjT9BcJZiwGCmuTdcqpYVLx1jg4or6BQn54lMUYG5wHCY2my6N_JDlEujGK2JIlj_lvSgB3_u__1bru8PrvYyqaueNmtZg5ftYkkZhwOsHODKFEX89hyptjowFuDnpEyjsDHnC2ExmpJgr1mIZqTZgjjd8757y8yiUKu-GZlYRJ9bXrA1ztCNywZl01er2Ws2IFwRKLid5BNAxVRQafMMMqvVcTSyyMFswee6xp1zRrjUfMlz2mg_gYJx8oQ5xTTHD9OWUbil71b59Y3joICtI_XCvwYrnYbQrMJen9tjzl7v7Tp5sVWIeEAEnX8hWBuQKKQbId4XLdKT2kDgQfkzW29l33tzKl1cJzFW_1KmOzNi6qdeip0W91gj4k7KyF7igRuF8dCvHdXzZGBe0SNwx_alN8MferJaTlD2J9DvFgJGjJPqbguTxJOEhiYlWTGsEgbl9jN3mIWsmfzorHb6rr5Iu9mFblULV8G2LBK9ClPiYTZtcx92hG2-9t8wS1AOprjpCBjRT34jDEdiBlDO0Pm2Ey6b79JO2DZEYOppFAIWx-9CdnsMZ4slUwRMEncFWNcQ-7L_dtpv7yLrDKUTD8f0nOhYjqNbLHo4eYdLUgM8EFr7DJGL8l86N7AWqND17PnhV3FKzwkudk8yWcKdsNGhRVF_p1P32bdzRMaoa3kVw7c8SBBQ6VtsRN9EK3UNpoIMD5injPhLl0eEqZJP_4NsMbZZjuXdUuwhl0l9yGl566kYxjvcS30e8LOcNA2JGjlCBtKV_KsR2ulwvPkFH1xb3noqjhHmWIRhUMN2eY6vdg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8D95	0 20 B	90ms 89ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXYYoj4erYOD3Bs_V3wPClbKwAgAAAAA4AeAEAg&bg=!2Nul25_NAAZ7hX_Ue4U7ACkAdvg8Ws4Boir_V09kfDRRwXwE9u1wyN4btcQ4igMZseqCS0V8crZI_QIAAAFwUgAAAA1oAQeZAoZ-fehJn4WltVazrYQ2GdVm-i1jAXCP-Ncp_57YVQYvz3Hyebrn9VoQZrq2NIB2xu8rfBVBETxdDct9_ZQKJTA49tTEEfO2dO64A_laYQ33rwfmxe3o4Ob9RMSDPF4Zf_rgy8k1uuATRwfhvbbdQiJGInweWlwRvwfTntNbSeH5FcffV79aJgvw7sqE-CxxvrsnSQhHwl4iZJOArfy77ip7MoPW5ENuSbCNwYkFjox1LrbPGBvTTS4A5gbxrTV1PcjtSfH0D6BDsXxxVNfkOo7u7NercDQFcNHoqR5LomGwWXFE-xYIFi-ABSO_BqmUKCY7MDbIJ3YM0uVxqpROPTzRPTa3ePWQYES8FWCcmou6touNzHjQrUPNTb-8MhsjMVNb32YEjseuToPuU-YATj0UtZE7QUcR-hJSMpf2d0N_V3tg5e_AqxEvKWZPluf2gEgM7AAiD6hh0p7TJ30D7BMB6xAw7kGzs1eGsSre2wwzeEZi3TYWkLqqK4KH67MxGdaIIsHK1Sf0bGnnUXR6HGlz9Lgkdvv4tEFr05K05EtLPExCuEN0FOoeertoGKBmPuqfT8sjfepZJC0IsfkMqE6PkRipVr3sRrBrTcAB0fYDqTvHqn-isPjfK1ecR7_hAIfEllFzsYPrQAWYXZ4BI2CoSuEUUeeUMg--jqeX7sigYs7FIIIcCTVZPLcQweghlyuYLS5P7gHo-24hphdq1ul2Zw7Z7HAoUcaEs9t5uqqpQbT8Mg9TWRpUrdxgHNyojo8LID6tVgmOHZXF9mQBuPoXq_RWf1ax9lnFBg2P4VUvZmDACB5lIvOr9D43xTgD7OqFheX3GJR9PWpo4oN2r1xZFtJ_Dedy Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1ABC	42 B 64 B	31ms 17ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6Stu8jSxKp85LmNT5BV6WbHOsqW9pvdu9n5tJ9jgPK7BqUp7ClVj1JcO1gVzAobkD6ThgsVkq6gs7htEDFWLO99oljAjLfDyIqn0dKfwq_sAmhuzUoZe79pXZ7A&sai=AMfl-YSpMYMqSlyjU8OdUJOCaZqJmv74T6_Opuq1ti1Zf0hfBDsS7JGW5VWZGXI34q_ECnlxu3lSbrWwc3b9D1w5WJUzmA6RpXF4GbR34HIwerpdHqiaASNTtNeAY6TO9iWl&sig=Cg0ArKJSzFH7a6jPnssTEAE&cid=CAASPeRovrPQ3L7e4y5_m3k-IhvXWboFs1hIi2yPYq3VdVldpQ63OxzJTKMvwLneZb8-a91F-jqWyOTgZGZful8&id=lidar2&mcvt=1001&p=37,562,127,1290&mtos=644,1001,1001,1001,1001&tos=644,357,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=192288229&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1621854095046&dlt=16&rpt=243&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C1FB	42 B 64 B	57ms 45ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6r3lrANt9Jb8bTgYLBzSX6JfJFDadTVP4dvLdpMgrIDZxras3mbHc9hHEBNFErFtlrI04w8Cvi88Pg3N6PYYXiJw2R1gTs9rx23NrlnDIpJ6TRf_Sv8HOWGTDjA&sai=AMfl-YS7nsrY8_-CBQ91sLktTGdzcN9PV6zqdHYYoWTUhKJbYlee35qCrhfcNUT6ZjfhyCUOhcu7dOWNivcmf36tW1oyk_MGvtaIZn-63q7lXJE8n6U54CgK_r_AB60qbYRv&sig=Cg0ArKJSzK1dtbrgxw_KEAE&cid=CAASPeRoBKixutP8jTyG90vLoIpy3wpqJAGH0b-owENfpays0XBaAGBJwaLy5gIF3-cegROgcwC_Dp5gc4c1ZA4&id=lidar2&mcvt=1003&p=811,310,1415,470&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&app=0&itpl=20&adk=210898386&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1621854095044&dlt=14&rpt=240&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 754E	42 B 64 B	17ms 16ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWzK-PEUkZkPAc6SYIe9J4F5AAPMR9W860nRn4f1CVCL_MTWojeJHsZKTM_UTfBoij0SMUXGYLVxtCpj768Z_hcmrksFoMAGGA9RUSb-siiLNr6ttiYHDPDu01TA&sai=AMfl-YT4oGaeZTe0Aq8JvflkUBqP43WIYB7jSejlCw4g9qQ_7OTKvQutHc3m9d6AVC0KxdppldzpD8G0vR4kcS4QQx1LwUnwsu_88SKTWV0nKwC0alQMLCHyAzhXMjWQGllL&sig=Cg0ArKJSzOg-dakcC1xaEAE&cid=CAASPeRoCosFFhcuezdu8b8HoW2vMFPnGj_4xjh9I5MeUxrEgpXavlKCNq-5mZ_eyLd71aY7anVhq-IQFLPMP30&id=lidar2&mcvt=1000&p=283,990,883,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3271815912&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1621854095046&dlt=21&rpt=320&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMIoPvdqZXi8AIVz-p3Ch3CigwmEAAYACCElLo-QhMItJ6zqZXi8AIV1NQRCB10mAqB;met=1;&timestamp=1621854105553;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 754E	42 B 498 B	137ms 65ms	Image image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoPvdqZXi8AIVz-p3Ch3CigwmEAAYACCElLo-QhMItJ6zqZXi8AIV1NQRCB10mAqB;met=1;&timestamp=1621854105553;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMItZ6zqZXi8AIV1NQRCB10mAqBEAEYACCbxZNI;met=1;&timestamp=1621854105638;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 1ABC	42 B 107 B	64ms 64ms	Image image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItZ6zqZXi8AIV1NQRCB10mAqBEAEYACCbxZNI;met=1;&timestamp=1621854105638;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMIs56zqZXi8AIV1NQRCB10mAqBEAEYACCexZNI;met=1;&timestamp=1621854105643;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame C1FB	42 B 107 B	65ms 65ms	Image image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs56zqZXi8AIV1NQRCB10mAqBEAEYACCexZNI;met=1;&timestamp=1621854105643;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c48a9eeca9a12a8b25deca831ee31506.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 24 May 2021 11:01:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

vendorlist.consensu.org

URL

https://vendorlist.consensu.org/purposes-bg.json

Domain

vendorlist.consensu.org

URL

https://vendorlist.consensu.org/vendorlist.json