urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On August 12 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 18 countries across 96 domains to perform 689 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
1 104.18.3.81 13335 (CLOUDFLAR...)
2 4 88.212.202.52 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
6 28 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.2.81 13335 (CLOUDFLAR...)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
18 2a03:2880:f02... 32934 (FACEBOOK)
2 19 146.0.227.109 20773 (GODADDY)
18 146.0.227.107 20773 (GODADDY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 185.64.190.79 62713 (AS-PUBMATIC)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
11 16 185.89.210.122 29990 (ASN-APPNEX)
1 2 37.157.4.23 198622 (ADFORM)
3 2a02:2638::3 44788 (ASN-CRITE...)
2 6 5.178.65.246 50673 (SERVERIUS-AS)
10 51.89.9.254 16276 (OVH)
4 2a0c:5c81:513... 55081 (24SHELLS)
2 193.200.65.6 6681 (GIVEME-CLOUD)
4 2a0c:5c81:509... 55081 (24SHELLS)
2 8.2.110.206 46636 (NATCOWEB)
3 4 3.126.56.137 16509 (AMAZON-02)
7 8 18.193.145.56 16509 (AMAZON-02)
4 4 188.42.191.196 7979 (SERVERS-COM)
1 3 194.247.175.19 196831 (BEMOBILE-AS)
4 8.2.108.194 46636 (NATCOWEB)
1 83.222.114.186 42632 (MNOGOBYTE...)
2 82.145.213.8 39832 (NO-OPERA)
3 3 199.115.119.227 30633 (LEASEWEB-...)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 49.12.13.182 24940 (HETZNER-AS)
6 8 104.18.19.126 13335 (CLOUDFLAR...)
4 72.251.249.14 32475 (SINGLEHOP...)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 2 144.76.119.17 24940 (HETZNER-AS)
74 2a00:1450:400... 15169 (GOOGLE)
2 67.202.105.31 32748 (STEADFAST)
3 3 2606:4700::68... 13335 (CLOUDFLAR...)
4 25 62.149.0.72 15497 (COLOCALL ...)
4 23.35.236.201 16625 (AKAMAI-AS)
3 3 213.19.147.45 3356 (LEVEL3)
6 3.33.220.150 16509 (AMAZON-02)
3 6 35.186.253.211 15169 (GOOGLE)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 3 18.185.190.16 16509 (AMAZON-02)
9 25 34.200.207.25 14618 (AMAZON-AES)
14 46.249.52.249 50673 (SERVERIUS-AS)
4 4 23.22.215.174 14618 (AMAZON-AES)
6 6 23.75.240.210 16625 (AKAMAI-AS)
12 23.205.235.133 16625 (AKAMAI-AS)
3 19 104.18.18.126 13335 (CLOUDFLAR...)
4 205.234.175.175 30081 (CACHENETW...)
37 2606:4700:10:... 13335 (CLOUDFLAR...)
5 77.123.132.26 35680 (VOLIA)
8 178.250.0.165 44788 (ASN-CRITE...)
1 2 37.157.4.28 198622 (ADFORM)
5 185.64.190.78 62713 (AS-PUBMATIC)
15 38 142.250.184.226 15169 (GOOGLE)
4 6 35.227.248.159 15169 (GOOGLE)
4 6 37.157.6.246 198622 (ADFORM)
2 2a04:4e42:200... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
4 4 34.247.103.17 16509 (AMAZON-02)
2 54.78.254.47 16509 (AMAZON-02)
2 2 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
4 4 34.111.131.239 15169 (GOOGLE)
2 185.15.245.83 24961 (MYLOC-AS ...)
4 8 52.208.103.128 16509 (AMAZON-02)
2 2 212.82.100.182 34010 (YAHOO-IRD)
2 2 52.17.63.11 16509 (AMAZON-02)
4 34.252.199.249 16509 (AMAZON-02)
2 168.119.79.223 24940 (HETZNER-AS)
3 5 151.101.130.49 54113 (FASTLY)
2 2 92.123.37.164 16625 (AKAMAI-AS)
2 2 3.229.243.180 14618 (AMAZON-AES)
2 4 52.95.125.22 16509 (AMAZON-02)
2 4 23.7.201.234 16625 (AKAMAI-AS)
4 4 54.155.95.209 16509 (AMAZON-02)
2 4 52.46.143.56 16509 (AMAZON-02)
1 1 50.31.142.255 22075 (AS-OUTBRAIN)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 141.226.228.48 200478 (TABOOLA-AS)
2 2 103.229.206.241 30419 (MEDIAMATH...)
2 185.89.210.82 29990 (ASN-APPNEX)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 69.173.144.138 26667 (RUBICONPR...)
8 5.178.65.253 50673 (SERVERIUS-AS)
19 2a00:1450:400... 15169 (GOOGLE)
8 13.225.78.47 16509 (AMAZON-02)
4 51.158.28.82 12876 (Online SAS)
3 5 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 52.209.232.242 16509 (AMAZON-02)
4 4 162.19.80.92 16276 (OVH)
1 66.155.71.150 13768 (COGECO-PEER1)
3 142.250.186.162 15169 (GOOGLE)
4 4 2620:116:800d... 16509 (AMAZON-02)
1 2 169.50.137.184 36351 (SOFTLAYER)
1 34.95.81.168 15169 (GOOGLE)
1 44.196.141.245 14618 (AMAZON-AES)
35 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 15169 (GOOGLE)
2 23.47.209.72 16625 (AKAMAI-AS)
37 2a00:1450:400... 15169 (GOOGLE)
3 4 185.94.180.126 35220 (SPOTX-AMS)
4 8 3.125.70.222 16509 (AMAZON-02)
8 142.250.184.194 15169 (GOOGLE)
2 4 3.65.159.25 16509 (AMAZON-02)
2 2 18.195.201.66 16509 (AMAZON-02)
1 1 52.211.246.129 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
1 172.217.18.98 ()
689 97
56    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
1    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
4    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
28    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
18    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
scontent.xx.fbcdn.net
19    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
18    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
16    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    5.178.65.246 (Hilversum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
10    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
4    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    18.193.145.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-145-56.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
4    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    83.222.114.186 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    49.12.13.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.182.13.12.49.clients.your-server.de
bidswitch-eu.splicky.com
8    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
4    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
2    144.76.119.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.119.76.144.clients.your-server.de
exchange.buzzoola.com
74    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
3    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
25    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
3    18.185.190.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-16.eu-central-1.compute.amazonaws.com
ad.360yield.com
25    34.200.207.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-207-25.compute-1.amazonaws.com
a.audrte.com
14    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    23.22.215.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-215-174.compute-1.amazonaws.com
ssp.disqus.com
6    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
19    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    205.234.175.175 (Middleburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
37    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
5    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
8    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
38    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
4    2a05:d018:24:b002:d4fc:f527:7aed:872f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    34.247.103.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-103-17.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
2    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Rottweil, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
8    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    52.17.63.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com
aa.agkn.com
4    34.252.199.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-199-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    3.229.243.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-243-180.compute-1.amazonaws.com
usermatch.krxd.net
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    23.7.201.234 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com
tags.bluekai.com
e.dlx.addthis.com
4    54.155.95.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-95-209.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    50.31.142.255 (Lincolnwood, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
8    5.178.65.253 (Hilversum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
19    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
8    13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net
tags.crwdcntrl.net
4    51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu
js.cookieless-data.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
1    2a05:d018:d29:3605:7c9:2a47:8cb6:50cb (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    52.209.232.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-232-242.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
gu.dyntrk.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
4    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    34.95.81.168 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    44.196.141.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-141-245.compute-1.amazonaws.com
rtb.adentifi.com
35    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
sync.teads.tv
37    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
8    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
8    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
4    3.65.159.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-159-25.eu-central-1.compute.amazonaws.com
d.adtriba.com
2    18.195.201.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com
d.agkn.com
1    52.211.246.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-246-129.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    172.217.18.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
101 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com
1 MB
63 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
181 KB
53 zdorovia.com.ua
zdorovia.com.ua
2 MB
37 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
778 KB
37 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1856
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
11 KB
33 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8094
file.adpartner.pro — Cisco Umbrella Rank: 258694
61 KB
32 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4971
u-ams02.e-planning.net — Cisco Umbrella Rank: 62489
i.e-planning.net — Cisco Umbrella Rank: 7366
s.e-planning.net — Cisco Umbrella Rank: 7332
14 KB
29 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 707
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
67 KB
28 go2net.com.ua
scripts.go2net.com.ua
ads.go2net.com.ua — Cisco Umbrella Rank: 311596
316 KB
27 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
ssum.casalemedia.com — Cisco Umbrella Rank: 1365
r.casalemedia.com — Cisco Umbrella Rank: 713
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum.casalemedia.com — Cisco Umbrella Rank: 1258
26 KB
26 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4875
sync.adtelligent.com — Cisco Umbrella Rank: 4266
13 KB
25 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2305
28 KB
25 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 41533
inv-nets.admixer.net — Cisco Umbrella Rank: 2584
103 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 462
13 KB
18 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 557
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 302
231 KB
16 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
67 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 98
5 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 577
ads.pubmatic.com — Cisco Umbrella Rank: 496
image6.pubmatic.com — Cisco Umbrella Rank: 636
24 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
10 adform.net
adx.adform.net — Cisco Umbrella Rank: 3659
cm.adform.net — Cisco Umbrella Rank: 1657
dmp.adform.net — Cisco Umbrella Rank: 4473
5 KB
8 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1014
8 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
6 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 732
2 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
us-u.openx.net — Cisco Umbrella Rank: 396
1 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
4 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
cms.analytics.yahoo.com — Cisco Umbrella Rank: 774
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5005
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 14310
3 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
2 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
pixel.everesttech.net — Cisco Umbrella Rank: 2926
2 KB
6 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 502
usermatch.krxd.net — Cisco Umbrella Rank: 1229
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 469
1 KB
6 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5347
70 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
2 KB
4 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 71430
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
173 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 465
cms.quantserve.com — Cisco Umbrella Rank: 1083
2 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1344
2 KB
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7074
2 KB
4 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 103105
856 B
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 968
sync.mathtag.com — Cisco Umbrella Rank: 484
3 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 451
d.agkn.com — Cisco Umbrella Rank: 568
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24215
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
4 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1201
1 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2479
969 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
1 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 6152
516 B
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2045
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
39 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9467
3 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
1 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 653
sync.taboola.com — Cisco Umbrella Rank: 933
319 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 649
865 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 929
1 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 5192
1 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 94078
642 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
40 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 630
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
37 KB
3 nashamama.com
nashamama.com
40 KB
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1388
685 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
107 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1751
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 921
344 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
841 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 494
860 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
290 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1972
719 B
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19732
305 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1669
1 KB
2 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 118447
1 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7524
648 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12102
822 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4348
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 19354
543 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5085
743 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2161
839 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 7763
1020 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 77882
702 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 150010
i.bigmir.net — Cisco Umbrella Rank: 288276
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 111
54 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 464476
r.i.ua — Cisco Umbrella Rank: 167556
4 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 267
91 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1251
35 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 597
191 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 791
425 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3082
187 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 903
44 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
753 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 551
317 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 3515
904 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26374
219 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 31333
adx.com.ru Failed
240 B
689 96
Domain Requested by
65 pagead2.googlesyndication.com scripts.go2net.com.ua
pagead2.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
zdorovia.com.ua
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
53 zdorovia.com.ua zdorovia.com.ua
38 cm.g.doubleclick.net 15 redirects spl.zeotap.com
r.casalemedia.com
googleads.g.doubleclick.net
37 s0.2mdn.net zdorovia.com.ua
s0.2mdn.net
googleads.g.doubleclick.net
35 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
s0.2mdn.net
28 a4p.adpartner.pro 6 redirects zdorovia.com.ua
a4p.adpartner.pro
25 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
25 a.audrte.com 9 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
22 sync.adtelligent.com 2 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
19 inv-nets.admixer.net 2 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
18 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
17 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
zdorovia.com.ua
16 dsum-sec.casalemedia.com 3 redirects r.casalemedia.com
ssum.casalemedia.com
googleads.g.doubleclick.net
16 ib.adnxs.com 11 redirects zdorovia.com.ua
spl.zeotap.com
scripts.go2net.com.ua
googleads.g.doubleclick.net
14 u-ams02.e-planning.net ads.us.e-planning.net
r.casalemedia.com
ssum.casalemedia.com
vid.vidoomy.com
12 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
12 eus.rubiconproject.com ads.us.e-planning.net
s.adtelligent.com
eus.rubiconproject.com
10 onetag-sys.com ads.go2net.com.ua
s.adtelligent.com
ads.us.e-planning.net
10 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
8 googleads4.g.doubleclick.net zdorovia.com.ua
googleads.g.doubleclick.net
8 ps.eyeota.net 4 redirects zdorovia.com.ua
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 s.e-planning.net ads.us.e-planning.net
8 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
8 bidder.criteo.com static.criteo.net
8 x.bidswitch.net 7 redirects ssum.casalemedia.com
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.de pagead2.googlesyndication.com
6 token.rubiconproject.com eus.rubiconproject.com
6 dmp.adform.net 4 redirects spl.zeotap.com
6 pixel.tapad.com 4 redirects spl.zeotap.com
6 secure-assets.rubiconproject.com 6 redirects
6 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
6 rtb.openx.net 3 redirects googleads.g.doubleclick.net
6 match.adsrvr.org s.adtelligent.com
spl.zeotap.com
r.casalemedia.com
6 ads.us.e-planning.net 2 redirects ads.go2net.com.ua
s.adtelligent.com
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 sync-tm.everesttech.net 3 redirects ads.us.e-planning.net
ssum.casalemedia.com
5 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
googleads.g.doubleclick.net
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 d.adtriba.com 2 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 gu.dyntrk.com 4 redirects
4 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
4 js.cookieless-data.com s.e-planning.net
4 s.amazon-adsystem.com 2 redirects r.casalemedia.com
4 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.us.e-planning.net
4 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
4 idsync.frontend.weborama.fr 4 redirects
4 dpm.demdex.net 4 redirects
4 sync.tidaltv.com 4 redirects
4 i.e-planning.net ads.us.e-planning.net
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 ssp.disqus.com 4 redirects
4 ads.pubmatic.com s.adtelligent.com
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 ssum-sec.casalemedia.com 4 redirects
4 us.ck-ie.com zdorovia.com.ua
4 ads.betweendigital.com 4 redirects
4 ups.analytics.yahoo.com 3 redirects ssum.casalemedia.com
4 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image8.pubmatic.com zdorovia.com.ua
4 www.facebook.com zdorovia.com.ua
static.xx.fbcdn.net
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 cms.quantserve.com 3 redirects
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.console.adtarget.com.tr 2 redirects s.console.adtarget.com.tr
3 ad.360yield.com 3 redirects
3 sync.1rx.io 3 redirects
3 csync.loopme.me 3 redirects
3 sync.lemmatechnologies.com 3 redirects
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 static.criteo.net scripts.go2net.com.ua
zdorovia.com.ua
3 creativecdn.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 id.rlcdn.com googleads.g.doubleclick.net
2 e.dlx.addthis.com 2 redirects
2 d.agkn.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 match.prod.bidr.io ssum.casalemedia.com
2 secure.adnxs.com r.casalemedia.com
ssum.casalemedia.com
2 sync.mathtag.com 2 redirects
2 tags.bluekai.com spl.zeotap.com
2 usermatch.krxd.net 2 redirects
2 pixel.mathtag.com 2 redirects
2 sync.richaudience.com spl.zeotap.com
2 aa.agkn.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dmp.theadex.com spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 bn01.er.bemail.it 2 redirects
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 cm.adform.net 1 redirects s.console.adtarget.com.tr
2 r.casalemedia.com ads.us.e-planning.net
2 ic.tynt.com s.adtelligent.com
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 pool.admedo.com 2 redirects
2 t.adx.opera.com zdorovia.com.ua
scripts.go2net.com.ua
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 m.trafmag.com zdorovia.com.ua
2 adx.adform.net 1 redirects zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
2 ajax.googleapis.com zdorovia.com.ua
s0.2mdn.net
1 ade.googlesyndication.com zdorovia.com.ua
1 pixel.everesttech.net 1 redirects
1 rtb.adentifi.com ssum.casalemedia.com
1 euexchangesync.digitaleast.mobi ssum.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 pixel-sync.sitescout.com ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 dsum.casalemedia.com r.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 match.deepintent.com r.casalemedia.com
1 sync.taboola.com r.casalemedia.com
1 p.rfihub.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 idsync.admixer.co.kr zdorovia.com.ua
1 bidswitch-eu.splicky.com 1 redirects
1 rtb.com.ru zdorovia.com.ua
1 www.google.de zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 scontent.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
0 adx.com.ru Failed zdorovia.com.ua
689 140

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-21 -
2022-08-19		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
adpartner.pro
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
rtb.com.ru
R3		 2022-05-26 -
2022-08-24		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-23 -
2023-06-22		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
dmp.theadex.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-07-26 -
2022-10-24		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.digitaleast.mobi
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-21 -
2023-03-26		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 129 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 494FF0911B7DEE8C590E49C7BFE487D0
Requests: 153 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdoroviacomua%252F%26tabs%3Dtimeline%26width%3D300%26height%3D600%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dtrue%26show_facepile%3Dtrue%26appId%3D348298842028226
Frame ID: 4CE795EC63BAF7628BD80650C8848D00
Requests: 31 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: 176F2F206E6F2E618556D09D3EC57923
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: C923563C5C4E43EABA5E1D7B332D70E9
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 534C992C8DC9B52F587FD014F09E5CA7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2200341753400048&apuid=8469963f-cec3-4347-b6b2-35f049718f6d&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: A1EBF0441F6A2BE1F1A8356F09BDABCE
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 4504CA89F9209B9D0A1EBE4CF8D4DFE6
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: E462F9A07B068A0BFA478A7D5395386A
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 471D3CDA03FB72DF2F91BACCE35AAAAF
Requests: 10 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: B452BA3BD086A219896B9270B4BC50F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B609199D013FB467A534B4964E6E7893
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 772CC44BE47F31B6E51C97405D08F281
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 2EAB57D2F70039A34C39354B9E8FD106
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: 969143F4AFA386BC5C411904DC2255F4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 43D07F964A2C2B6E6F16EADBBC568F55
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 06ABFB0BFB9FB3F6A0D1803CFA0C78EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Frame ID: B6577D127366905E03FC347134CBC80E
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 766FEF60C5B3EB601755ED6D559712CD
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 672393C3156B78B9D7BC46089CFA6742
Requests: 8 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: F16D695848AFD5558D8A54935B7D5411
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 086E24176E40483992F0715DCA3353D1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 2D4C6EF3E52A8B804ABB1273B1E7B958
Requests: 3 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Frame ID: 67E726CB195835849C32788E26DEAF4C
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 31F6268EEA6744D26FC19C27ECEA38C5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: F34A28801F33C104B6BDA7F18E32303C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&cmp=0
Frame ID: 026510F24840BA41D47F548741281065
Requests: 30 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Frame ID: FEBBC5A40298233A14E383D6F3DD1326
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: FF47273DDC5D8A639D521EC3FD7A9836
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: E26B50A02D651F85C6E8CE10F3C74905
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: DB4186963FFFB220DAC02EE4DEAE16A9
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 464F2103AD6B93E3637E439DE3FC60DA
Requests: 4 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Frame ID: 6C3527CBA077D74300638806F6ADB6E3
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F5A0595013B500A4157A5B84651F65D6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: FE6B13DBCCFA0E8F668076E0EE068E29
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&cmp=0
Frame ID: 1FC05ADAE7207B87A71802CF70CE0498
Requests: 30 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 24791671E86A8383C3104BF58B7DF599
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: D69C68D528976CDFF37807FB93F1F636
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 8FA905ED2F99EBB64A6EDAADEAD8F792
Requests: 8 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: A981CD792362672D2D8CE01B9358F292
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: A94BAEE13AAFACB1BF021872C4124521
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=0d8eb1f604441514&uid=f480e52263601e65ea80c40c597af449
Frame ID: D0B4E220569790E4B6432785E74B69D4
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADad1O%2frWZo0of0V
Frame ID: C6CAE13F2443AD4ABC9E758AC154CDC2
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 68E5A7D677F3CB81D553C5CDC2CAEB75
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: AAD63FBB046F33EB0AD51B14F0AB9B84
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=0d8eb1f604441514&uid=f66c2b0869940a26a878505394b8e720
Frame ID: 8658D60AD777518D7E20CB3A49C8F0DF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADad1O%2frWZo0of0V
Frame ID: A13649580AD13580A6F15EE85AB45F77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html
Frame ID: 2CEFFF30799CAAC77C544FC521DAC70C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 87BB3682775367C40BB9363D8D84A042
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: C88B0DC4091803A3B592E765A3B5C676
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: E858720BF72C7A8F8DDA75F2E62D7F79
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 2EC2DE9F32D47F40C516CE6276454A00
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: B00D1842C39180055DC7F9EBE6D23793
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 3B98BE1590B7096D5C1C3AF5D1EC61E3
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 757BA1F18790AB30629D613BF196DFDE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 560515A3F9FF47E10EA255C8CDFE9D8C
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2F528F17299F08C2A16D7D46B561C931
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Frame ID: 66221609C8B659A33EDC91E4C5F192AB
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 8D4D3A64E889E48BF75C0D1D28C7A112
Requests: 7 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 5FACD579436D7D88A0C378D5DCD19C5B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 0F275E6E154C015A987E388A2C000610
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 4F2B78167DFE6237DEB025E5B242D579
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Frame ID: 78099FF4510C294E4240EAB446E7C8A5
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 75DF1A4E5028C0B74E35D60779D9D274
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 8AA77FAD4196FBE749EDEE11EEF23E80
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361&cmp=0
Frame ID: 8E2E53713BC6F93BD11E5380516C5EE7
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2507871231717652556
Frame ID: 1E005679C156375B7874042642EEBDF4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: AA5D3D962A35242C2681B27D9554DF80
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 40955A3AAA9B990E87A6EB68B7DD7D81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C47A7C6D0A192E977A8188835E88EE6C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 79E529160BA33397AF22DF59E199ECF3
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Frame ID: C707CCAF8A7FB7AC5A88F09FB3199F50
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: DDD566BC80705285F46586EB9E93F753
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5B617396F96A16D3D7FDB2A763BE917C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361&cmp=0
Frame ID: DFDBB473D8167FC3807009A239D76B88
Requests: 4 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2200341753400048&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4ca1a630-85e7-46c6-b0e3-47b175c540f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Dc611b8bc13cbc64a8fc5dbf77c5a900e
Frame ID: D1D7AB18C4900D3C93CB3F5DA35794B2
Requests: 10 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 9D06B243FCCC95593F6B3EADD98FF29D
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: EE0C75567B6546D9AAD0C3C5C3D5C340
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=43a10520d0702469&uid=f480e52263601e65ea80c40c597af449
Frame ID: 521349490A3DC4611417E9898B3D84E8
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADad1O%2frWZo0of0V
Frame ID: 730802A6AB24CDE765D21D0F452E7510
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 0DBE97132FB9F07FF95202120BAA8A76
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 0A668A2DB4386381293E5D68D6A16440
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8006a2b9-932c-46a2-9df1-855ae58ed7eb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQwLCJzaG93X2lkIjoiODAwNmEyYjktOTMyYy00NmEyLTlkZjEtODU1YWU1OGVkN2ViIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D249d0031e7a8c18be575fb13dc935642&showId=8006a2b9-932c-46a2-9df1-855ae58ed7eb&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Frame ID: 96399706E73DB804DA1AA03E220E2A00
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 575058A408E4AB545522F2F50584414D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 11BD23D164EF5D4A7906042286617B4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Frame ID: 2E3F07E9AED3A4E9D6A15858319EC8AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Frame ID: 75004C891BD20E67877DE046B259ECB5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Frame ID: 98AD4EBC514C64E63124BA2A3B6236BC
Requests: 16 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 288567A8CE00FCC154340ECE987A2CAF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: B2625507D626318878969187E0347337
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 749F0F037B13A301A28E5A032B0A637B
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 97278FC29007235EC1AC45BB533A67D5
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=43a10520d0702469&uid=f66c2b0869940a26a878505394b8e720
Frame ID: DB9D24EAC269590697D45E923D3FDF08
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADad1O%2frWZo0of0V
Frame ID: 4DADE94C1BCA567688E1BCDB05411E7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2200341753400048%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4ca1a630-85e7-46c6-b0e3-47b175c540f0%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253Dc611b8bc13cbc64a8fc5dbf77c5a900e&wgl=1&dt=1660279441267&bpp=9&bdt=189&idt=146&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&correlator=1223185058361&frm=22&ife=1&pv=2&ga_vid=473660744.1660279441&ga_sid=1660279441&ga_hid=197342225&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2299206776&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068911&oid=2&pvsid=2581001340955888&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.hmreuie6nnsa&fsb=1&xpc=tjEdRDL2xw&p=https%3A//file.adpartner.pro&dtd=169
Frame ID: 9C110AF735CDC3BB65AA66AD3390BEE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2200341753400048%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4ca1a630-85e7-46c6-b0e3-47b175c540f0%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253Dc611b8bc13cbc64a8fc5dbf77c5a900e&wgl=1&dt=1660279441398&bpp=3&bdt=320&idt=46&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1223185058361&frm=22&ife=1&pv=1&ga_vid=473660744.1660279441&ga_sid=1660279441&ga_hid=197342225&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2299206776&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068911&oid=2&pvsid=2581001340955888&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.wpzwf3me484m&fsb=1&xpc=xkHm3l1nPu&p=https%3A//file.adpartner.pro&dtd=50
Frame ID: 0AF77EE9EE87D6AE3CB308E8DB581060
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F52BA884488F9159183CC5E0DA5CAA8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A143063426086AA83846C47351DF2EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B162B17CF802889FC5F3BD86F97F3BA8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C73F8AC0B16BB9F4EE99B66043F3742
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 288A14E3A712CDCE18CCD2BD9596FB1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75F90B3BEAE124228B1053ECA9A09DCB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Frame ID: 291F380ED7786CF5B35C2005D280A6FC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Frame ID: 5DE6EAA46D0C8DF0AAA7827C7A903668
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhMS01b7E_WIWt3uyryJNstL4vq8lZ4xhdPeBX1fEAzIp-RScNA6_rJylzjyLJcdQlPAGXEOv4C5uN5iHfbQyWZpRMfqM5HAOicIYVZEiIl6FIQsnnP63NpwpQcWp6zkBiOd17yJj8gc1goQ5-d6SHrrwIVw&dbm_d=AKAmf-AMPPcNlUxjX16ugZszu-CL_7bzQ4YEmSl2ZI3sXMVKBJPthsm_z7Y0a7JUCKoy9Qs-RzxKP3j-LrYq5W00Fnfs1F-fHS5C_AadP3z32cTrwj31Ts4AXyarlfwRaZ9FCaNCyo8lW7-GC8i3d7qB2xssWsYIRlP8rGBuwy8r0F7fYOrDtyfog0Y5xySTawvi2DwR-KSNvqLULkxZmPiEDmj0b6bSBjsyee7IqzHpUBDt5CTiyremgqIpv3uB7V5ZMl4B4y0FN9Fgw6ZgtUaUgXnluqxfz_gy_x4WhGUCcE9ip0rxCSeA5pubYtFxE9aJQ1LrNl45sInuz3R9DSkIM_ZloReO-VZVKW-A0niJJ4z0SPO547gok302YRSLdiYKOx6d4SM38fguDUdWxmKQegkcW_UyoJLLkdIfojlIK13pCysEMnHY96BSzjhS5aPHEj90-VE3YHGB5P69YRnldBv6QSt8cTQgMPSsSoLrEqE0wDPYHjaArzvjMeCkj4WQxyf2L9txd4BT3l7vgro9PzUODSZzR_HvHvP9kNFf7Cn4TGUNaDQabfy8gft95GR3cBnSzplpjqNvY0VgpNYkXZQUjjNXa_jfgMLS4zR-wkXiMY6NJ8sZkc24STuhyxD_3fCVaCIxYy4ldkdD5RZoOOdlGHy3WsvwwqvQqmdWJbwYQZKhkeh3cUgy1Oir-_bnpG1AKNc_jI7MkkNZeSdsAhe9vtmJ6Gap_eQXvGmI8CMDV7OJXj6FSWCGZn-rajOJye-HYG1aKJi5KSUxWxIukU3hoMTySbOvmD4Vg_-PHwGvBIMgWzbHB9vXaZ97Y-DSa3uKVnJLIyCf4aVqruFmig6SPhTdMc4ubeFLlyfgJzHyTOUdN7IgxV5tPbyBqRptpcSITWUhfwkVGmPK_nBmyn9r46EdNxscmZ29UXQ8-og0Zlq9b4aMh8NOo5PyNI-RDqq5qW7fcD5X3ncUl5Vw0DISJKmFlX7IQAu-Jl8N65V8cXwGMnHcyBRqqRrmmTUsCywbVO6Zy4roZE-ppMVDK6wkARmr6hqpsS0r8qtr4MLeQb-9ec1LKeXIuQKDQTu_NO_F-6k2PpuacrojsZoL2Zu4Jf8pQHoReOU2WISQEgb-y76Guq6-i297NermuY_IQyA9tjJUTUlCNmz63bDz31Nislh3P1b72ZbY_1JqaUv0KR7Ydr3GBxsK1kJrj4XilJ1P7gVhoINJwIJvW6db2qaMjeoWXD3h8WbjnUyDtEo_9exWt9bLsZPj7NdVgiJPKF_jUBuYMqgkcYR9xMRAbX3QCVwdbuQEpXncJu0rKJ7y2BXo_ADtlhPbopMzoFdBXEA7MDZC5Us7F8RENUfavCHXffCQt96_LjyaNKiEzx37szWM8y4FBPo-6HbOK2DkIrJJT2A0fQQQ-8omqtqnT3oZrxokee60_QnD_BwbZzjm-Cv_4qv_vT-8sgfdXxCIRKJmEwj8Ta2T-B-_eJtZ3i3lqshR2yxRE8YKe2Jki9rpZ6Ev-M2ijBhATBqb-SaSvhZmMPFKi3tsyaw3yIbxUgCu-6IGGGxLkIc5K6gMTQ3Ox-qgmTnAnBanUP_BrTh401JPPnLUE_yvm2zSCbqEcez-FsCfEVFWIP3a8vHuKSJNZnjSkWovMsDIeUzQnrcdV8zM4m7CYJ80miZmwbBK7q5EfBKOaduOsSO62W7_fv1bkRvx-N8RvOdqvQjRZVXUrUk3RBfA5SdUyPHh7EkdYj4LF2EYyEtE-PvujRPlj4_HlHTklF0fgAyncA4V3hYpb_LnO3QJSiwRcLUL5ZrRKWK9jusC4mudsC9XZTdnaMKSmADeRNiFuU3eZAp-d9lt44GVktBItiwVuCQkbtVpOSesRMt2BBaxRrc8XYsw3yxrJjEl_eYgQz0BptZtUbqnSyrY_rl3lXJq26TWwF-VR5tVQ2KhjX8UVZJ_SXaupaat7t3oO8BJd2Ra5CU0jIjAjlc5UthErEKarRonuzOCurhBttfqnPXaFrVqWeyU2Xe-srhhkY0N6A_YPVomtvrLnR_nfLOv7y9CCfuVC2sSVJNj5Hpu5yEqHyk4PWfUSe4PXFXOq3weAvTz1-e1qGXLzVZj1uAuQuCfPuUHDR9-zurXavNQ1S7rRCXiy1s_5U85MSDwM35CbZdmA8OjtxeZKJhqSgJsbfF_NtzElfWrlp3PSI_EZ_EYrj0rNmb9oSppSVseIS5x7gyVJuwGkjgRJ8ZFTVdTyZMSZFWlpHp6yqBuH9AEu-aJD6oQmXu8UXwm-1nGIzbnANlIpte6-Q78CxLflyif7g6E2KNml3u6OBP9MZcrZJv5_4VNavo1TzDmMa3k5sBn_rC2hO9Y-UU4xC1GlSZtDPTZ5vWkk4BfiCitPc4PzcdqjQLD4u07k-XXOE9MqX21iLKaGXOfMI_fjNmaaT8jg2PP0alfbLAmLoLCQaGVCZieNbLu67uqSznPaJcvxpB_Ls0jRYaYCvOahkmZP3kpK23D6qGAoh_Ljjaql-wnD3aSrmqo_WIrEuVwnMd_Mv30V6A01lpwyAXDZqULnXdGShuT0IonC2UpIh5n26R5hCdylxgq36cdP3DBxy8y9fY9jWPQAgEEEQvhk4yYhqb90Y3UMVsGhioGFP6CjS8mCSIhvpFI8HS7CmMnkZh1scQjGhNp3lyIEbvfH8TOgKi3IwsW80CF5kgli8wVVAUiJpfgS1CVkT2hM17AE6OA_otpSkgnU3s28pK1MN20RzoEoDnmC9pAbce57Kh0e_VrAFT6wIyqr3PJBUVod_7SVp4eQ2sFYq4XAKinebtKytivGx1nk454AEXxQfuNjH-B46goZgythaPrIGVUdKog17m3RKQzq-C29ELG310itIQqsfVb-hQA-eY8MpL-8f3zg8mkMENoNOMI3VL_-0QhK839imydyvr-kO7_FGePTrcq9JX8yljkHh1pUPWSudvBJP7az2_6CsOgAbdFbpfs0ypvQu0z2J_kyVR2ujduWSVhXivb3chBOML39JHArMuWlWZGgWQ72A0rHkidDSh8tdNxU4E8n2Hzf4K6BToDH1TsVbyzAcOp2bYE8bFTEUb8Qwc2baHWuNEoVWsa61oR6l6PjxKepH88IwYdXKVttgBmOIuibDEuG3A9s_rGdbLi9YjBOe7KY2JHX3un2_U8LdzBLD4jdTorMiGElKq0SqcS5SzNIl6MHQgAUn73iAnn_MyNRwoUorGwvyTzLRiOkdjG2Yb6uNZc5Lk0qxn0aDrRdtZpEBUHQWps0HttemLeHYX1aiXJdo9Jgcw2sk4U0V9C-xLQw4b0-uaxkvjwMxdthoGs_ptLfniB98mnQl7mvw&cid=CAASEuRoCanhGbYWkuvlOR3cS7g3Tg&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Frame ID: 3AC629F64057C0DB1E565CCB2C310307
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441379&bpp=11&bdt=255&idt=159&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=6603141891572&frm=8&ife=1&pv=2&ga_vid=1281288135.1660279442&ga_sid=1660279442&ga_hid=296753254&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2716994411&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1938943004259031&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.iia5htpsy5v0&fsb=1&dtd=170
Frame ID: F01F7E71E0CF71433A9B587CC2160F16
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F04706a63-c19d-4030-a2be-7cdb146ad00d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQxLCJzaG93X2lkIjoiMDQ3MDZhNjMtYzE5ZC00MDMwLWEyYmUtN2NkYjE0NmFkMDBkIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Db3cfc477defebddaa0f5c79963500259&showId=04706a63-c19d-4030-a2be-7cdb146ad00d&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Frame ID: 369CDF4DE5F8DDC669E2158AF5E5DDD5
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: DB92C038DC3E58E1529BB0316EDAB6B6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: E87F2A73B0BE5CB7FCB2D88E1D17FAA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNVx3qEq-XZJFrdq4AzZ2PO5hfymXFTa8xSqxqXZoc8mYM3t4dqdwqIvH-gvIN__ZhDbWMHeFz7LZoDwvoGBPIf78oBLr_6e6D8hrbIDSaLn46l6SRY9woUh-VWsPtJn3hLZr5vRXDU1OpfH37Nvy7jcuVPNsPZk1QIXDycIwm_7ziAMhAk
Frame ID: C9FAB04DF64826407EA0CC3C0B1EAF7E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39C24CDC8EBC2BD8FB931D8D83AC2338
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43B41E3425465213FDB7FB22E6A34B61
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Frame ID: 4C54C69A3DB0D99099239EC3B4B1F63E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8FB93E08C0F9F55E9B0D197806AB9DC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51E5B945470F33BA69E489C65465D5FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
Frame ID: 7F0B6FED1F83868912BE140BD5D4AB89
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Frame ID: DD8C0750BF3AA8EF74975B06D9C2B501
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D779A324435E03802F37E31468387FA7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
Frame ID: B54669FB4B003D5BC24B9FB9E2F16C34
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68A2F532E9D000A9B18B6D34E4624DC3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF5479C44B391DCADD4B5F22C86917C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CF52A55AAF8BD076C12A9AC3626DDA2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9328E2A35ED275EAF15ECEA164CA7E93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BCA15066862201FDFB3AAF63FE27716
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCgoVkYoduQrQEwAQ&v=APEucNUcWc1qTZu7zxtqEyDANCg42MwLXGfz2oPx1Ys5ifrQB75Qe8lDdCGmUiQEBASAQlG65UD88fyS6VEEDXNsGM7SZHr5Gg
Frame ID: 1E7B3D94B2709B472129D38827C4214B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Frame ID: A448DDEB3F4BF8A9B0B8DB1B509E8D61
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB3493D2B1119F26196220DD376A5F0F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: B0CEE432CE4C3B0343AD314B7800B866
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C756F052B63003748A76368CBDDEFC91
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE812C16E28C714007C980A6BA6A7E54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

689
Requests

72 %
HTTPS

22 %
IPv6

96
Domains

140
Subdomains

97
IPs

18
Countries

5647 kB
Transfer

11730 kB
Size

131
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.6851788346757033 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.09035336356987034 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.09035336356987034 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.09035336356987034
Request Chain 67
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n321575&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 89
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=288672721&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=570234826&utmr=-&utmp=%2F&utmht=1660279439244&utmac=UA-37123827-1&utmcc=__utma%3D148597372.2117477704.1660279439.1660279439.1660279439.1%3B%2B__utmz%3D148597372.1660279439.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1481137170&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=288672721&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=570234826&utmr=-&utmp=%2F&utmht=1660279439244&utmac=UA-37123827-1&utmcc=__utma%3D148597372.2117477704.1660279439.1660279439.1660279439.1%3B%2B__utmz%3D148597372.1660279439.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1481137170&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721&slf_rd=1&random=2173906596
Request Chain 96
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 97
  • https://ib.adnxs.com/setuid?entity=533&code=697b573e3a4444e5bed84c52be179dbd HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D697b573e3a4444e5bed84c52be179dbd
Request Chain 101
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 103
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 109
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-cOskCipE2uFQ9Vw._Ge8qrNe5pY8YUoYOgegRvg-~A
Request Chain 110
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=697b573e3a4444e5bed84c52be179dbd&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=697b573e3a4444e5bed84c52be179dbd&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2c22421b-987f-52e0-9bc8-746df93daefd&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=4e746a59-ecec-4d7d-8e77-93fe461a88b0&gdpr=&consent=&gdpr_pd=
Request Chain 111
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z7AECC9DE27F4B09B25CCA3E3826E864&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
Request Chain 115
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D697b573e3a4444e5bed84c52be179dbd HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=623331ea-19f9-11ed-921f-801844df0ab8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ff401483-6f8c-4fd5-9988-fe2aa262eaa1&user_group=1&ssp=lemma&bsw_param=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=623331ea-19f9-11ed-921f-801844df0ab8 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=4e746a59-ecec-4d7d-8e77-93fe461a88b0 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=697b573e3a4444e5bed84c52be179dbd623331ea-19f9-11ed-921f-801844df0ab8
Request Chain 116
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Request Chain 117
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YvXakKz3F3YJ2dwgSLqF7wAAFAUAAAIB
Request Chain 122
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=2c22421b-987f-52e0-9bc8-746df93daefd
Request Chain 124
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=697b573e3a4444e5bed84c52be179dbd HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=697b573e3a4444e5bed84c52be179dbd
Request Chain 128
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 142
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Request Chain 144
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 147
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5293695457308570661
Request Chain 148
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1660279439897 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3863332768
Request Chain 149
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
Request Chain 152
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Request Chain 153
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
Request Chain 154
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8060044100840261388
Request Chain 155
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Request Chain 157
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0d8eb1f604441514%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D0d8eb1f604441514%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=7799509249833577706
Request Chain 158
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0d8eb1f604441514%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=ed27bfc3-410b-5185-50f1-7cf5c50d7e7b
Request Chain 159
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 160
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Request Chain 169
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 173
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0d8eb1f604441514%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=8646964217463635939
Request Chain 174
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0d8eb1f604441514%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Request Chain 176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 177
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Request Chain 188
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Request Chain 192
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 198
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 199
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=611fdb6b-a91a-48af-6502-9a54b9594514&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=611fdb6b-a91a-48af-6502-9a54b9594514&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=25590141703174413311879166072642084875&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 201
  • https://bn01.er.bemail.it/zeotap.php?_bid=611fdb6b-a91a-48af-6502-9a54b9594514&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-53725-0.777046001660301856-cb62a5fd2ecdeffdc32b401e7a02818a&zdid=533&env=mWeb
Request Chain 202
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7130845897030039694&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 204
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=611fdb6b-a91a-48af-6502-9a54b9594514&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=611fdb6b-a91a-48af-6502-9a54b9594514&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361&bounce=1&random=1611062563 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 206
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=611fdb6b-a91a-48af-6502-9a54b9594514?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=611fdb6b-a91a-48af-6502-9a54b9594514?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 207
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
Request Chain 208
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ZT%2FyN%2BHo8kRR7esHGDvBYwlrKETpHthx%2BS41iYitP1U%3D
Request Chain 211
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361&_test=YvXakAAFzlpxkABC
Request Chain 212
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bb4c62f5-da90-4f00-8962-29c84b965f7b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 213
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 214
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&dcc=t
Request Chain 216
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Request Chain 220
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 226
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 227
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=edca303e-4dde-4b05-527e-8debcc82f85f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=edca303e-4dde-4b05-527e-8debcc82f85f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=77178267387971667252146531016147296694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 229
  • https://bn01.er.bemail.it/zeotap.php?_bid=edca303e-4dde-4b05-527e-8debcc82f85f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-22660-0.781430001660301856-49118fad7af6abb8098dfd0a9d638013&zdid=533&env=mWeb
Request Chain 230
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7130845897029777548&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 232
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=edca303e-4dde-4b05-527e-8debcc82f85f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=edca303e-4dde-4b05-527e-8debcc82f85f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361&bounce=1&random=3980700304 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 234
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=edca303e-4dde-4b05-527e-8debcc82f85f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=edca303e-4dde-4b05-527e-8debcc82f85f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 235
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
Request Chain 236
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=pp8lEGAxl3pR7esHGDvBY8Wg49Kfnd1v%2BS41iYitP1U%3D
Request Chain 239
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361&_test=YvXakAAFzmZxkQBC HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvXakAAFzmZxkQBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&_test=YvXakAAFzmZxkQBC
Request Chain 240
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=01f162f5-da90-4b00-bf77-b30c2d967a94&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 241
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 242
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&dcc=t
Request Chain 244
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Request Chain 275
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB&dcc=t
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvXakKiDGI75kSTold2WjQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvXakKiDGI75kSTold2WjQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1&gdpr=1
Request Chain 279
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 280
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322778394884
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fb262f5-da91-4200-97b9-c87005860231&gdpr=1&gdpr_consent=
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvXakKiDGI75kSTold2WjQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvXakKiDGI75kSTold2WjQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDPQnhd3Bj_-XAjGXSlhQoM&google_cver=1&gdpr=1
Request Chain 287
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB&dcc=t
Request Chain 290
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1434df1c-a4ef-46d8-bfd8-c394c675fbb7&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 291
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660365840&gdpr=1
Request Chain 326
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 338
  • https://rtb.com.ru/admixer-sync?uid=697b573e3a4444e5bed84c52be179dbd HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=697b573e3a4444e5bed84c52be179dbd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62f5da90c52f155dcba8ff6e%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62f5da90c52f155dcba8ff6e%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62f5da90c52f155dcba8ff6e%252526i%25253D1216805155920772796%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62f5da90c52f155dcba8ff6e%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62f5da90c52f155dcba8ff6e%2525252526nc%252525253D2988939296500360700%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62f5da90c52f155dcba8ff6e%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F8Qvfzrid7dtdBwbnPWMAiS%2525252525253Fsign%2525252525253D3082097917%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62f5da90c52f155dcba8ff6e%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62f5da90c52f155dcba8ff6e%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62f5da90c52f155dcba8ff6e%252526i%25253D1216805155920772796%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62f5da90c52f155dcba8ff6e%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62f5da90c52f155dcba8ff6e%2525252526nc%252525253D2988939296500360700%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62f5da90c52f155dcba8ff6e%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252F8Qvfzrid7dtdBwbnPWMAiS%2525252525253Fsign%2525252525253D3082097917%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62f5da90c52f155dcba8ff6e&google_gid=CAESEL9kpT6BlrVkCEWe1igJECg&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62f5da90c52f155dcba8ff6e&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62f5da90c52f155dcba8ff6e%2526i%253D1216805155920772796%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62f5da90c52f155dcba8ff6e%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62f5da90c52f155dcba8ff6e%25252526nc%2525253D2988939296500360700%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62f5da90c52f155dcba8ff6e%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F8Qvfzrid7dtdBwbnPWMAiS%25252525253Fsign%25252525253D3082097917%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62f5da90c52f155dcba8ff6e%2526i%253D1216805155920772796%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62f5da90c52f155dcba8ff6e%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62f5da90c52f155dcba8ff6e%25252526nc%2525253D2988939296500360700%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62f5da90c52f155dcba8ff6e%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F8Qvfzrid7dtdBwbnPWMAiS%25252525253Fsign%25252525253D3082097917%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62f5da90c52f155dcba8ff6e&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=1D6CE891C37C3FB485FC&uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62f5da90c52f155dcba8ff6e%2526i%253D1216805155920772796%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62f5da90c52f155dcba8ff6e%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62f5da90c52f155dcba8ff6e%25252526nc%2525253D2988939296500360700%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62f5da90c52f155dcba8ff6e%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F8Qvfzrid7dtdBwbnPWMAiS%25252525253Fsign%25252525253D3082097917%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62f5da90c52f155dcba8ff6e&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62f5da90c52f155dcba8ff6e?sign=d2aa0353&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62f5da90c52f155dcba8ff6e%2526i%253D1216805155920772796%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62f5da90c52f155dcba8ff6e%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62f5da90c52f155dcba8ff6e%25252526nc%2525253D2988939296500360700%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62f5da90c52f155dcba8ff6e%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F8Qvfzrid7dtdBwbnPWMAiS%25252525253Fsign%25252525253D3082097917%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62f5da90c52f155dcba8ff6e?redir-setuniq=1&sign=d2aa0353&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62f5da90c52f155dcba8ff6e%2526i%253D1216805155920772796%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62f5da90c52f155dcba8ff6e%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62f5da90c52f155dcba8ff6e%25252526nc%2525253D2988939296500360700%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62f5da90c52f155dcba8ff6e%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F8Qvfzrid7dtdBwbnPWMAiS%25252525253Fsign%25252525253D3082097917%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62f5da90c52f155dcba8ff6e&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62f5da90c52f155dcba8ff6e%26i%3D1216805155920772796%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62f5da90c52f155dcba8ff6e%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62f5da90c52f155dcba8ff6e%252526nc%25253D2988939296500360700%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62f5da90c52f155dcba8ff6e%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252F8Qvfzrid7dtdBwbnPWMAiS%252525253Fsign%252525253D3082097917%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62f5da90c52f155dcba8ff6e&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62f5da90c52f155dcba8ff6e%26i%3D1216805155920772796%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62f5da90c52f155dcba8ff6e%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62f5da90c52f155dcba8ff6e%252526nc%25253D2988939296500360700%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62f5da90c52f155dcba8ff6e%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252F8Qvfzrid7dtdBwbnPWMAiS%252525253Fsign%252525253D3082097917%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62f5da90c52f155dcba8ff6e&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62f5da90c52f155dcba8ff6e&i=1216805155920772796&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62f5da90c52f155dcba8ff6e%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62f5da90c52f155dcba8ff6e%2526nc%253D2988939296500360700%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62f5da90c52f155dcba8ff6e%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F8Qvfzrid7dtdBwbnPWMAiS%2525253Fsign%2525253D3082097917%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62f5da90c52f155dcba8ff6e HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62f5da90c52f155dcba8ff6e&i=1216805155920772796&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62f5da90c52f155dcba8ff6e%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62f5da90c52f155dcba8ff6e%2526nc%253D2988939296500360700%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62f5da90c52f155dcba8ff6e%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F8Qvfzrid7dtdBwbnPWMAiS%2525253Fsign%2525253D3082097917%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62f5da90c52f155dcba8ff6e HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=mrb0YyOPR77TjO67ADfp&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62f5da90c52f155dcba8ff6e%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62f5da90c52f155dcba8ff6e%2526nc%253D2988939296500360700%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62f5da90c52f155dcba8ff6e%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F8Qvfzrid7dtdBwbnPWMAiS%2525253Fsign%2525253D3082097917%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEHzwQjO1kvXvi6uqta2fK8o&ver=1&google_error=&code=224&ts=mrb0YyOPR77TjO67ADfp&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62f5da90c52f155dcba8ff6e%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62f5da90c52f155dcba8ff6e%2526nc%253D2988939296500360700%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62f5da90c52f155dcba8ff6e%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F8Qvfzrid7dtdBwbnPWMAiS%2525253Fsign%2525253D3082097917%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62f5da90c52f155dcba8ff6e HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62f5da90c52f155dcba8ff6e&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62f5da90c52f155dcba8ff6e%26nc%3D2988939296500360700%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62f5da90c52f155dcba8ff6e%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252F8Qvfzrid7dtdBwbnPWMAiS%25253Fsign%25253D3082097917%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62f5da90c52f155dcba8ff6e&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62f5da90c52f155dcba8ff6e%26nc%3D2988939296500360700%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62f5da90c52f155dcba8ff6e%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252F8Qvfzrid7dtdBwbnPWMAiS%25253Fsign%25253D3082097917%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62f5da90c52f155dcba8ff6e&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62f5da90c52f155dcba8ff6e&nc=2988939296500360700&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62f5da90c52f155dcba8ff6e%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252F8Qvfzrid7dtdBwbnPWMAiS%253Fsign%253D3082097917%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62f5da90c52f155dcba8ff6e HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62f5da90c52f155dcba8ff6e&nc=2988939296500360700&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62f5da90c52f155dcba8ff6e%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252F8Qvfzrid7dtdBwbnPWMAiS%253Fsign%253D3082097917%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62f5da90c52f155dcba8ff6e&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F8Qvfzrid7dtdBwbnPWMAiS%3Fsign%3D3082097917%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62f5da90c52f155dcba8ff6e
Request Chain 345
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D43a10520d0702469%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Request Chain 348
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
Request Chain 349
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Request Chain 350
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2480457412
Request Chain 351
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
Request Chain 352
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7799509249833577706
Request Chain 354
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Request Chain 358
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7799509249833577706
Request Chain 359
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Request Chain 362
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 368
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2507871231717652556
Request Chain 369
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Request Chain 371
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D43a10520d0702469%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Request Chain 372
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3D40f71907-69b8-4414-6a69-be59bbd138e2%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
Request Chain 374
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 380
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 394
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4014191389595819986
Request Chain 396
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f2862f5-da91-4100-85d5-55d68aef2b2f&gdpr=1&gdpr_consent=
Request Chain 397
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 411
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Dc675a461-1777-404b-4e6d-c365ec37f086%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
Request Chain 426
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=eX0GRisuWUJieVQRK3xNQCp_AUVifVZLLn0ILlFZ
Request Chain 427
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 429
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 495
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
Request Chain 496
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvXakKiDGI75kSTold2WjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
Request Chain 497
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjpikXBpHFHNi7rIyt3EPc&google_cver=1
Request Chain 498
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5OTUwOTI0OTgzMzU3NzcwNg%3D%3D
Request Chain 499
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmt6XLQ1lCWmaTVNQJyBVY&google_cver=1
Request Chain 501
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDJVjqjs_urMDMa6h24-YX4&google_cver=1
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1&__user_check__=1&sync_id=63a7dcb9-19f9-11ed-929e-1a7cb9e30206
Request Chain 531
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=63a7e2cb-19f9-11ed-a11e-1d21b9eb0406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjNhN2RjODItMTlmOS0xMWVkLTkyOWUtMWE3Y2I5ZTMwMjA2
Request Chain 532
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lRUpmR2x0RTJ1RXZhN3kzTm1WNThQT0U0X1REZmVHbH5B
Request Chain 534
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 535
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Request Chain 536
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2507871231717652556 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 553
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 554
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZHROaAaA88YMQBjmW5KH2mseOGYWaPyzNFtCxc3fafyp HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZHROaAaA88YMQBjmW5KH2mseOGYWaPyzNFtCxc3fafyp&google_hm=-2HsBqsFYpG3LNkN0TiArw
Request Chain 555
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENBSQd3UWm0ulR9b0IwHL7k&google_cver=1&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Request Chain 556
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9wNrxckPfZlPteMssEw2cnuTnzhCE77y&google_gid=CAESEI3KY2zZA7GAh0BHOeSMJgo&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9wNrxckPfZlPteMssEw2cnuTnzhCE77y&google_gid=CAESEI3KY2zZA7GAh0BHOeSMJgo&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTIwNDQ0MDIwMDAxNTcxNTU4NTI0NQ%3D%3D&google_push=AehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9wNrxckPfZlPteMssEw2cnuTnzhCE77y
Request Chain 559
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN7sTeqA1jmH3Rs-6fBzPUOyEzl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHRVctQS1EWVE4&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN7sTeqA1jmH3Rs-6fBzPUOyEzl
Request Chain 560
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_cver=1&google_push=AehlK4COx9h8EYPEdM_EAAeNJ86c3EihtC2T9UotMCfN9LnR6yLb_bwp-oYwkpZKiikuJe-3BXlz027-cH5uaKEWUMVm9CEKkPAM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4COx9h8EYPEdM_EAAeNJ86c3EihtC2T9UotMCfN9LnR6yLb_bwp-oYwkpZKiikuJe-3BXlz027-cH5uaKEWUMVm9CEKkPAM
Request Chain 562
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5qPnT5fNntU2q9873lyLvIUK1qYjoRgJgbhJxuG_wmaCEQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5qPnT5fNntU2q9873lyLvIUK1qYjoRgJgbhJxuG_wmaCEQ&google_hm=-2HsBqsFYpG3LNkN0TiArw
Request Chain 563
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTrpJqv4Wwkilhzb4x6nl7flO7mnc9TF6Z-F8i2graWy_PkYmFgChpwEiQ9uJw&google_gid=CAESELBbSQROyiNkep20R5Y22Rs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZYYWtBQUZ6bVp4a1FCQw&google_push=AehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTrpJqv4Wwkilhzb4x6nl7flO7mnc9TF6Z-F8i2graWy_PkYmFgChpwEiQ9uJw
Request Chain 564
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENBSQd3UWm0ulR9b0IwHL7k&google_cver=1&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Request Chain 567
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE9vsyAAmbbGMq54pUu0k2G1siM_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHSFQtMTQtQlA4VQ==&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE9vsyAAmbbGMq54pUu0k2G1siM_A
Request Chain 571
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2507871231717652556 HTTP 302
  • https://a.audrte.com/p
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 573
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
Request Chain 580
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Request Chain 581
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2507871231717652556 HTTP 302
  • https://a.audrte.com/p
Request Chain 582
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 584
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Request Chain 585
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2507871231717652556 HTTP 302
  • https://a.audrte.com/p
Request Chain 586
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 589
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 599
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4YN_EYMuBJVrFCyLXvaxU-FY55jXPikYonuQirx9iXr HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4YN_EYMuBJVrFCyLXvaxU-FY55jXPikYonuQirx9iXr&google_hm=-2HsBqsFYpG3LNkN0TiArw
Request Chain 603
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6aP8JMy4A_tvpQDC9XkJC11k5UH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklIMDktSi00S1dG&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6aP8JMy4A_tvpQDC9XkJC11k5UH
Request Chain 604
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_cver=1&google_push=AehlK4AqufdTMyM48Im1sVAgCumqOkxDZsxFTmvO18M1mKzo7O9ixxkDfXSghDSy7bAznIM-5u4JhgtEqz8zFvM9lAkB1D2Ei7k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4AqufdTMyM48Im1sVAgCumqOkxDZsxFTmvO18M1mKzo7O9ixxkDfXSghDSy7bAznIM-5u4JhgtEqz8zFvM9lAkB1D2Ei7k
Request Chain 605
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDTn3M2_hxS3E3PVK04r81Y&google_cver=1&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxFG-Tj4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxFG-Tj4&google_hm=mB1xi_olTX2YG8cQtqyJdg

689 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		89 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
9abc73488a88b4f7477f12b8d41eba35669364704b55e5ff2d71533d330d47b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Fri, 12 Aug 2022 04:43:58 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Sun, 11 Sep 2022 04:43:58 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Sun, 11 Sep 2022 04:43:58 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Sun, 11 Sep 2022 04:43:58 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Sun, 11 Sep 2022 04:43:58 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Sun, 11 Sep 2022 04:43:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 15:07:28 GMT
X-Content-Type-Options
nosniff
Age
567390
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
85925
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Sat, 05 Aug 2023 15:07:28 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Sun, 11 Sep 2022 04:43:58 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Sun, 11 Sep 2022 04:43:58 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Sun, 11 Sep 2022 04:43:58 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Sun, 11 Sep 2022 04:43:58 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1ea07232a647fbecd84a909c84a191bad02240c049f64109face6d822674fa75

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:58 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:08:58 GMT
server
nginx
etag
W/"62e28a6a-2c101"
x-cached-since
2022-08-09T21:44:48+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Jul 2022 21:30:00 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1ea07232a647fbecd84a909c84a191bad02240c049f64109face6d822674fa75

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:08:58 GMT
server
nginx
etag
W/"62e28a6a-2c101"
x-cached-since
2022-08-12T04:40:58+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Jul 2022 13:20:15 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Sun, 11 Sep 2022 04:43:58 GMT
sochnyj-arbuz1.jpg
zdorovia.com.ua/uploads/dsn/5f/e9/001/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/5f/e9/001/sochnyj-arbuz1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3329f8d11b17f51fe1754c846d84be4eb890082f19b7e06564ef973d7ca1a58c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Wed, 10 Aug 2022 21:14:22 GMT
Server
nginx/1.12.1
ETag
"62f41fae-5dac"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23980
Expires
Sun, 11 Sep 2022 04:43:58 GMT
680_61546193282e11.jpg
zdorovia.com.ua/uploads/dsn/be/b9/002/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/be/b9/002/680_61546193282e11.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0f551bf4c3ae48fba2a996ea6488bdc0135d72f74b096f441e982bb0cf3729af

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 09 Aug 2022 08:56:13 GMT
Server
nginx/1.12.1
ETag
"62f2212d-7ebf"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32447
Expires
Sun, 11 Sep 2022 04:43:58 GMT
17749531b26a6aee47fb65861d57e45c1.jpeg
zdorovia.com.ua/uploads/dsn/06/41/001/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/06/41/001/17749531b26a6aee47fb65861d57e45c1.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ef41ea915012b489db33d3f99dec488378dfb9780bda6f0ae9cbb4ecad9afa5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Mon, 08 Aug 2022 09:28:15 GMT
Server
nginx/1.12.1
ETag
"62f0d72f-49fe"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18942
Expires
Sun, 11 Sep 2022 04:43:58 GMT
kava-11.jpg
zdorovia.com.ua/uploads/dsn/8c/e8/001/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/8c/e8/001/kava-11.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a99c19bad36e3f00e24eeb39de21c28240dd78cf1bc62f9f5512bb6f8648a7b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Fri, 05 Aug 2022 07:23:13 GMT
Server
nginx/1.12.1
ETag
"62ecc561-ac46"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44102
Expires
Sun, 11 Sep 2022 04:43:58 GMT
back-pain-main-640x3601.jpg
zdorovia.com.ua/uploads/dsn/6a/ee/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/6a/ee/001/back-pain-main-640x3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Thu, 04 Aug 2022 08:37:07 GMT
Server
nginx/1.12.1
ETag
"62eb8533-3163"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12643
Expires
Sun, 11 Sep 2022 04:43:58 GMT
img_gfx__no_1.jpg
zdorovia.com.ua/uploads/dsn/4b/e0/002/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/4b/e0/002/img_gfx__no_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4b59790bffc099e93409fb1f064ec7d2e7939610436f4413ff7388e11a6ddf6e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Wed, 03 Aug 2022 10:08:15 GMT
Server
nginx/1.12.1
ETag
"62ea490f-a80c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43020
Expires
Sun, 11 Sep 2022 04:43:59 GMT
9efe0b11f96be0de9380fbfcc9917e631.jpg
zdorovia.com.ua/uploads/dsn/e2/7d/007/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e2/7d/007/9efe0b11f96be0de9380fbfcc9917e631.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a6b6aff4bba252a270317ba862f916d38766de33f6b982a58b79ef06fa48ef6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 02 Aug 2022 19:28:26 GMT
Server
nginx/1.12.1
ETag
"62e97ada-3c58"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15448
Expires
Sun, 11 Sep 2022 04:43:59 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Sun, 11 Sep 2022 04:43:59 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Sun, 11 Sep 2022 04:43:59 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Sun, 11 Sep 2022 04:43:59 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Sun, 11 Sep 2022 04:43:59 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Sun, 11 Sep 2022 04:43:59 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Sun, 11 Sep 2022 04:43:59 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Sun, 11 Sep 2022 04:43:59 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Sun, 11 Sep 2022 04:43:59 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Sun, 11 Sep 2022 04:43:59 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Sun, 11 Sep 2022 04:43:59 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Sun, 11 Sep 2022 04:43:59 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Sun, 11 Sep 2022 04:43:59 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Sun, 11 Sep 2022 04:43:59 GMT
ovsyanaya-kasha1.jpg
zdorovia.com.ua/uploads/dsn/d3/81/004/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/81/004/ovsyanaya-kasha1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 18 Jul 2022 18:33:46 GMT
Server
nginx/1.12.1
ETag
"62d5a78a-7c12"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31762
Expires
Sun, 11 Sep 2022 04:43:59 GMT
aoumi.jpg
zdorovia.com.ua/uploads/dsn/41/be/002/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/be/002/aoumi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 18 Jul 2022 06:27:33 GMT
Server
nginx/1.12.1
ETag
"62d4fd55-4c5a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19546
Expires
Sun, 11 Sep 2022 04:43:59 GMT
400_0_1586789587-35421.jpg
zdorovia.com.ua/uploads/dsn/03/98/001/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/98/001/400_0_1586789587-35421.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ba4902e59d784ddfe29c2564bafa8ab1c7a6446d4adb6d92f4bb7a8ef3366635

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 09 Aug 2022 09:22:12 GMT
Server
nginx/1.12.1
ETag
"62f22744-373f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14143
Expires
Sun, 11 Sep 2022 04:43:59 GMT
2.png
zdorovia.com.ua/uploads/dsn/fb/5c/001/ 		272 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/fb/5c/001/2.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
7d102e486d52dfb71540ecaebf48ae846974d8f8edb1ab30dd661df7931ba159

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 08 Aug 2022 06:47:31 GMT
Server
nginx/1.12.1
ETag
"62f0b183-43f81"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
278401
Expires
Sun, 11 Sep 2022 04:43:59 GMT
82811ed320c1dec04c32cd8c7f08d3eb8f2849d31.jpg
zdorovia.com.ua/uploads/dsn/2f/2f/003/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/2f/2f/003/82811ed320c1dec04c32cd8c7f08d3eb8f2849d31.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9d63c21b199a414fea406678bff2a06c5e754b4f7a999b94399cd9d3e4336bcf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 12 Jul 2022 11:08:21 GMT
Server
nginx/1.12.1
ETag
"62cd5625-60e4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24804
Expires
Sun, 11 Sep 2022 04:43:59 GMT
1544646592_dytyna_jpgkpdomi.jpg
zdorovia.com.ua/uploads/dsn/60/0f/001/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/60/0f/001/1544646592_dytyna_jpgkpdomi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f1fd3ef73029fbe138f1368b5ac1622fb89e8f88d1c212d451f6c421553e4b31

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Thu, 11 Aug 2022 14:04:10 GMT
Server
nginx/1.12.1
ETag
"62f50c5a-5d10"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23824
Expires
Sun, 11 Sep 2022 04:43:59 GMT
zhulam.jpeg
zdorovia.com.ua/uploads/dsn/f5/f3/005/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f5/f3/005/zhulam.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
56ac7cb4fd40188f02743361007ee943e7749fa58ae458133736be4e93f5f241

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Thu, 11 Aug 2022 12:18:00 GMT
Server
nginx/1.12.1
ETag
"62f4f378-32f9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13049
Expires
Sun, 11 Sep 2022 04:43:59 GMT
klzhum.jpg
zdorovia.com.ua/uploads/dsn/48/59/002/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/48/59/002/klzhum.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
6d169fb4ccb87851ddbc032b7df13ac2aa7976be4d774ac93a11a09a1df1b2b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Thu, 11 Aug 2022 12:13:23 GMT
Server
nginx/1.12.1
ETag
"62f4f263-546a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21610
Expires
Sun, 11 Sep 2022 04:43:59 GMT
uadmot.jpg
zdorovia.com.ua/uploads/dsn/ad/a8/001/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/ad/a8/001/uadmot.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
87e7831816831bbf4b0a4ac5d2058d08cd5d50f61107753845bcc5ae302a92b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Thu, 11 Aug 2022 12:03:35 GMT
Server
nginx/1.12.1
ETag
"62f4f017-4d8d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19853
Expires
Sun, 11 Sep 2022 04:43:59 GMT
d780f6138f72f02943620ea757c9f5ae_w6401.jpg
zdorovia.com.ua/uploads/dsn/9d/d2/001/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9d/d2/001/d780f6138f72f02943620ea757c9f5ae_w6401.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
58b6892215d902e6d62c64ae69a83f3e75692443a179652b38527f509abf6086

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 08 Aug 2022 08:58:50 GMT
Server
nginx/1.12.1
ETag
"62f0d04a-69d1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27089
Expires
Sun, 11 Sep 2022 04:43:59 GMT
zhltreva.jpg
zdorovia.com.ua/uploads/dsn/67/79/001/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/67/79/001/zhltreva.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
24d8a174b47136800c41d7b2ce4debb7b88f6edc64a09077cfbad45981098add

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 01 Aug 2022 13:10:46 GMT
Server
nginx/1.12.1
ETag
"62e7d0d6-438e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17294
Expires
Sun, 11 Sep 2022 04:43:59 GMT
kucsac.jpg
zdorovia.com.ua/uploads/dsn/b2/46/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b2/46/001/kucsac.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a6a3a85c0741871af4321668b2da710f89abc6ca0e9165e1b6c7439444c203d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 02 Aug 2022 05:57:45 GMT
Server
nginx/1.12.1
ETag
"62e8bcd9-5e8d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24205
Expires
Sun, 11 Sep 2022 04:43:59 GMT
kmpoi.jpg
zdorovia.com.ua/uploads/dsn/a5/24/001/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/a5/24/001/kmpoi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a35f3a8ace7962a26b325e9e5c038100d8ec5b58395b0b6a4d4e7f5e0a411ec9

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Mon, 01 Aug 2022 13:22:14 GMT
Server
nginx/1.12.1
ETag
"62e7d386-7178"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29048
Expires
Sun, 11 Sep 2022 04:43:59 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Sun, 11 Sep 2022 04:43:58 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:58 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Sun, 11 Sep 2022 04:43:58 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Sun, 11 Sep 2022 04:43:59 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Sun, 11 Sep 2022 04:43:59 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Sun, 11 Sep 2022 04:43:59 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Sun, 11 Sep 2022 04:43:59 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
4812719
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
73968d9dceb38924-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Sat, 17 Jun 2023 11:52:00 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Fri, 11 Aug 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24481621c8f6db79f5adc401cca02af739a0a6a86ad173cf8e523194381788a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 12 Aug 2022 04:43:59 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc17
Date
Fri, 12 Aug 2022 04:43:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-07-28T13:15:59+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sat, 29 Jul 2023 13:15:59 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
  • https://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3677
date
Fri, 12 Aug 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 12 Aug 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.09035336356987034
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 11 Aug 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.09035336356987034
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 11 Aug 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.1952009842469351&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
73968d9db83a7702-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Sun, 11 Sep 2022 04:43:59 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Sun, 11 Sep 2022 04:43:59 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Sun, 11 Sep 2022 04:43:59 GMT
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Sun, 11 Sep 2022 04:43:59 GMT
page.php
www.facebook.com/plugins/ Frame 4CE7 		51 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e747c2a5c6c3dab1862b2d02a764e6e9447bc7ba3ab2e270c8032c10dbeaffe4
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 12 Aug 2022 04:43:59 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
DiZIrKNrvjtryerQl+zv2N36AeOWdiWpEDTAEuelRqvol2oNI1evFg6K3o45lJYIebms9UXLTCKjVkAL1zleKw==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n321575&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Mon, 15 Aug 2022 04:43:59 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
c.html
cdn.admixer.net/scripts3/48427/ Frame 176F 		738 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:16 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:16+00:00
x-id
fr5-up-gc28
a21031c0f6a0994b3314.b.js
scripts.go2net.com.ua/scripts3/48427/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:13 GMT
server
nginx
etag
W/"62e28a79-5d41"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:13+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:39 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.go2net.com.ua/scripts3/48427/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:02 GMT
server
nginx
etag
W/"62e28a6e-12c39"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:13+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:39 GMT
c.html
cdn.admixer.net/scripts3/48427/ Frame C923 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:16 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:16+00:00
x-id
fr5-up-gc28
SfNdS3jYA2M.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ Frame 4CE7 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/SfNdS3jYA2M.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26e62a17399b1a9ab21e130b14fdb4b4756d9cc3bcb93943cc791b6696280d5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Qr+HEwJNGRkXXxTlh4oGyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4864
x-fb-rlafr
0
x-fb-debug
F7JSWpX9wXg1wM5Z+5A9K+ZI4138/vjEQK9XHUpMo9eSC7vkxwCEMg/nj0VdiSrjAfNph0VGgSe/FHSd3/KaKQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 11 Aug 2023 16:57:41 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 4CE7 		2 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
dANLMFJZIY3/MZlSUTol8OacWdTMnCIDc9dXUh+5n/v5Wubgs4GUPAhpEtzdgphGCZ1ApRGG8ohJgxwXnXUeBQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Aug 2023 21:11:28 GMT
RI5Ki3mPi72.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 4CE7 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sYtIdvJpFKzfzbH/vnqsWA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88180
x-fb-rlafr
0
x-fb-debug
do5u9zNjnerDKkb35Ts6GRPrk+n16i6mg19Cq3BjgOIVAbwVInyFHRQoh/U1BfmIl+/rEmrJkE/42wB/GR7mFw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 04 Aug 2023 19:34:17 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 4CE7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
+UOPs65r9JqxnaS1UxcdYZQ3xJ2gKhtXwNNLRV7kbvGbB7ue8bQeDQ6b+myT4rcPixoiGEUb4uChn8Qnko10Ew==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 08 Aug 2023 14:44:24 GMT
Nwy6sCQlQHc.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 4CE7 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Nwy6sCQlQHc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gGCr/wNTBczQB/gXHhl0Fg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12174
x-fb-rlafr
0
x-fb-debug
TdDLY9cYkUciDbDHvcCIWYMAIs4wSQLIBvZJILLNk/ExhaXSjzEIQexROtZdh6d+lcbe3b0GvmL8ro3BN0F3mw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 10 Aug 2023 19:46:26 GMT
xC6UV9vW9nN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 4CE7 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/xC6UV9vW9nN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NzYsclW6SE+LKLuYhprflQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16330
x-fb-rlafr
0
x-fb-debug
afwexFklCh5Gwu2ub5U0HNLfFe1uz5XkGi4X0orwkG6nKYPaZIE8TFHIUzKZ7ldBvrRwCoPdUjhaMxZSgsM++w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Aug 2023 20:42:12 GMT
B_NVcyTI_MI.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 4CE7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/B_NVcyTI_MI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1efb14d89d5411e02729fd72359b8f5b0502c42590cede7e2fc2496ebf3c430a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lKvodylxXP7ERKWQruaVew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7382
x-fb-rlafr
0
x-fb-debug
r2do20w17UTt/DsNWtrPwj1ZS4+miROuJsrN4v27l52140WptFSUudqJKk0sEcBJcFieEPipvi/04sIhURtfVw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 11 Aug 2023 14:59:23 GMT
ROuPWD3Xari.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 4CE7 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ROuPWD3Xari.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2322498b4c15c8fa2583255ee24318ed39a56af26c9e0e6a0c3675da1e81809d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
v7UyX22AR50Q2gx3tw9f7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8514
x-fb-rlafr
0
x-fb-debug
n4eEioNPdRnvwoQAQFqtHWQSznmxjC1OrAzmRVsPYezEvw57/Ae80O5RdvXPcKCwXjIsLiRLo3+oyxC+JDiRGQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Aug 2023 20:10:07 GMT
rDnka0k4fWA.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 4CE7 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/rDnka0k4fWA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3221bcff01fb4818dcde2e92e8473dad0cec69c3d4d2232d52c68a63025bc282
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TeQOvqE7WFL0gM9ysgWm7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5939
x-fb-rlafr
0
x-fb-debug
bhre7I8vY/JivrEgsZyJgjHE9UGLIaMtU1oadtqrwS1nem0P11BtC/5D+j5rCycO44fUOghzPsN/JKnzXjasrg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 11 Aug 2023 14:59:23 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 4CE7 		588 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
/sxKeaLboTYGqiWI+ayIu4zcJPS1tuM8XS9+gJQEuJskXOtDI/1Krp03hpEh9tKdcQ4nl8JUHhZz0no0H1TvYA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 04 Aug 2023 18:54:52 GMT
UQf8KwbqJif.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/ Frame 4CE7 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/UQf8KwbqJif.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7aaf5eaabdcf648af4b408b192e3fb2fb5152a635a7dddb1c7241147cadaf304
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Gy3ZTwVQwTuEyAOt/+NHxA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7089
x-fb-rlafr
0
x-fb-debug
8EjeetxFzQL+X7RwMJZaMMkNbDIlpKuFNC61huyavdRd0krVlFZnZfGxMNBSY39fH3JjUf6aju/ZjJgrv2kFqA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 04 Aug 2023 21:11:29 GMT
rO5GFi_p774.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yC/l/en_GB/ Frame 4CE7 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yC/l/en_GB/rO5GFi_p774.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78020b8b9caf1fcf75e1a48241481104b27310fa4121790a134f95f03b5b046c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0zbk+KajPVus6yHp0A0PHA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22619
x-fb-rlafr
0
x-fb-debug
x3upuZ3RoVPfg2/MBWhDcvCPWshRcEHP79Vc/e0uif+MzZ0UQbdexw2ZBzMmi0Zt6lHQCF1nhoNbb+tj/mOAjg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 12 Aug 2023 00:42:16 GMT
udGrGZmnkeP.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 4CE7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/udGrGZmnkeP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9/1BV1sP73df0/E1dlv9rg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7224
x-fb-rlafr
0
x-fb-debug
DNnLMrCvEBhraVvh2pFoF37pnjeZ8aG2n8p6Fk0hqLL4gZxYEbFVR+puq5r8308DZZE0FWxwiGAW5ZeqJtmLmw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 04 Aug 2023 18:54:49 GMT
26169268_2027047760843857_7213779766090150706_n.png
scontent.xx.fbcdn.net/v/t1.18169-1/ Frame 4CE7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.18169-1/26169268_2027047760843857_7213779766090150706_n.png?stp=cp0_dst-png_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=VbHzpdt-H3kAX9jTAK0&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT8tBfzy5RUukRkJRm8xYjY-Hd7BhiiBdNXJZra-8metUw&oe=6319FEF3
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cb706286d335d6c1c71f0dfa2da12a28563585c6184d68b0294a8f976222b85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
953752327
date
Fri, 12 Aug 2022 04:43:59 GMT
x-fb-trip-id
917726464
last-modified
Wed, 03 Jan 2018 18:33:52 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3394686489
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3790524336
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1986
www-widgetapi.js
www.youtube.com/s/player/324f67b9/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/324f67b9/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a198693aa43d0892ffd3e66179f8107f44e3f4b3d10f1bec4eff7eca2d6abd59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 03:06:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53260
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 00:25:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 03:06:36 GMT
dsp.aspx
inv-nets.admixer.net/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7755257720550983&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22d8fc4a3a-5dec-ce36-a35c-cc4caf1d1ca3%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2292b5673d-04ea-4272-df41-289279264345%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22eb248c9a-b895-9e55-60f9-ea663623ebdc%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%229b69439b-3d21-fd20-ff71-5cb28beef893%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
d00195600440f2b310c1761d6c41af906070e402bec01f430f4c558ba424da5f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1710
X-Xss-Protection
0
dsp.aspx
ads.go2net.com.ua/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9739587402311622&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fee6aa5b-5bc6-bdbd-c9f0-86d9442687ac%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e9d502c8-f68d-aab6-899b-552d92ae2ddb%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22ebd37de1-87e4-c9fd-cd1b-ff422037c8d5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c005f271c9e93c4dc1288b196c12f6e037e6ddae04e421a2053dc5ae30597646
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3341
X-Xss-Protection
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=288672721&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=288672721&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721&slf_rd=1&random=2173906596
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721&slf_rd=1&random=2173906596
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=2117477704.1660279439&jid=1481137170&_v=5.7.2&z=288672721&slf_rd=1&random=2173906596
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/48427/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:18 GMT
server
nginx
etag
W/"62e28a7e-702f"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:45 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/48427/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:19 GMT
server
nginx
etag
W/"62e28a7f-a793"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:45 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/48427/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:11 GMT
server
nginx
etag
W/"62e28a77-326c"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:45 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/48427/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:10 GMT
server
nginx
etag
W/"62e28a76-2a79"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:45 GMT
5927ef40e4a80e0040be.b.js
scripts.go2net.com.ua/scripts3/48427/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/48427/5927ef40e4a80e0040be.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:09:08 GMT
server
nginx
etag
W/"62e28a74-35ac7"
vary
Accept-Encoding
x-cached-since
2022-08-10T04:09:14+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 29 Jul 2023 21:27:45 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT, Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Fri, 12 Aug 2022 04:43:59 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=697b573e3a4444e5bed84c52be179dbd
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D697b573e3a4444e5bed84c52be179dbd
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
264d3a8f-c6eb-438f-9857-c77a72d74b61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9526c514-551f-4ff9-afb7-7ad71556ccf6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D697b573e3a4444e5bed84c52be179dbd
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 534C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 12 Aug 2022 04:43:59 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame A1EB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2200341753400048&apuid=8469963f-cec3-4347-b6b2-35f049718f6d&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.6851788346757033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
ec7fadf3dab689a8e4be94a7f5f85c86b77b3b90f5388f3f4e5cfc591bab2c49

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:43:59 GMT
server
nginx
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e76d2c65d057cfe0ffe5494fd398d46eee545b7e70fb06010f0adaf64176507d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_306148&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:26 GMT
server
nginx
etag
W/"62e91dce-1dc2b"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 Aug 2022 04:43:59 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 4504
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9739587402311622&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fee6aa5b-5bc6-bdbd-c9f0-86d9442687ac%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e9d502c8-f68d-aab6-899b-552d92ae2ddb%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22ebd37de1-87e4-c9fd-cd1b-ff422037c8d5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2abb534d22e24dae520b3bd3d1b39be706c890c380a876dfbc876dcfeb90bdd4

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
expires
Fri, 12 Aug 2022 04:43:59 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 12 Aug 2022 04:43:59 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602
/
onetag-sys.com/usync/ Frame E462 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9739587402311622&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fee6aa5b-5bc6-bdbd-c9f0-86d9442687ac%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e9d502c8-f68d-aab6-899b-552d92ae2ddb%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22ebd37de1-87e4-c9fd-cd1b-ff422037c8d5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 471D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9739587402311622&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22fee6aa5b-5bc6-bdbd-c9f0-86d9442687ac%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e9d502c8-f68d-aab6-899b-552d92ae2ddb%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22ebd37de1-87e4-c9fd-cd1b-ff422037c8d5%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b4e5d0bbbc53852c9fc90c30dff92386f756581d9b48dbbd11966098da6b63c6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1265
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
Adtelligent
X-Robots-Tag
noindex
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=697b573e3a4444e5bed84c52be179dbd&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-cOskCipE2uFQ9Vw._Ge8qrNe5pY8YUoYOgegRvg-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-cOskCipE2uFQ9Vw._Ge8qrNe5pY8YUoYOgegRvg-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-cOskCipE2uFQ9Vw._Ge8qrNe5pY8YUoYOgegRvg-~A
date
Fri, 12 Aug 2022 04:44:00 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=697b573e3a4444e5bed84c52be179dbd&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=697b573e3a4444e5bed84c52be179dbd&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26us...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2c22421b-987f-52e0-9bc8-746df93daefd&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://inv-nets.admixer.net/bs/cm.aspx?id=4e746a59-ecec-4d7d-8e77-93fe461a88b0&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=4e746a59-ecec-4d7d-8e77-93fe461a88b0&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=4e746a59-ecec-4d7d-8e77-93fe461a88b0&gdpr=&consent=&gdpr_pd=
Date
Fri, 12 Aug 2022 04:44:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z7AECC9DE27F4B09B25CCA3E3826E864&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z7AECC9DE27F4B09B25CCA3E3826E864&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z7AECC9DE27F4B09B25CCA3E3826E864&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
admixer-sync
rtb.com.ru/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
sync
t.adx.opera.com/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D697b573e3a44...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=623331ea-19f9-11ed-921f-801844df0ab8
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ff401483-6f8c-4fd5-9988-fe2aa262eaa1&user_group=1&ssp=lemma&bsw_param=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=623331ea-19f9-11ed-921f-801844df0ab8
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=4e746a59-ecec-4d7d-8e77-93fe461a88b0
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=697b573e3a4444e5bed84c52be179dbd623331ea-19f9-11ed-921f-801844df0ab8
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=697b573e3a4444e5bed84c52be179dbd623331ea-19f9-11ed-921f-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=697b573e3a4444e5bed84c52be179dbd623331ea-19f9-11ed-921f-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
date
Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YvXakKz3F3YJ2dwgSLqF7wAAFAUAAAIB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YvXakKz3F3YJ2dwgSLqF7wAAFAUAAAIB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnAcbH8e%2BfASHSsZ%2FftLdh92HA%2BiP1RKdetiowgKm8ymML2nVfs%2BHkrkkpD7gwtOdcnarkTnLrD3MAtiqgIrStGpPzT97jBoxOG%2FOftET9hJC98IJhU1jIaicQ6iuSqpDoIBBouffGZ2Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YvXakKz3F3YJ2dwgSLqF7wAAFAUAAAIB
cache-control
no-cache
cf-ray
73968da5fe9a72f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:58 GMT
content-length
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12-Aug-2022 13:44:01 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=2c22421b-987f-52e0-9bc8-746df93daefd
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=2c22421b-987f-52e0-9bc8-746df93daefd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=2c22421b-987f-52e0-9bc8-746df93daefd
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=697b573e3a4444e5bed84c52be179dbd
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=697b573e3a4444e5bed84c52be179dbd
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
144.76.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.119.76.144.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=697b573e3a4444e5bed84c52be179dbd
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
etag
W/"c1facdaf536c7f002694afa44ec3954a056895098ca2336a4dc04a696afe4ab1"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
loader2.js
scripts.go2net.com.ua/scripts3/ Frame B452 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:08:58 GMT
server
nginx
etag
W/"62e28a6a-2c101"
x-cached-since
2022-08-09T21:44:48+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Jul 2022 21:30:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B609 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d232af9d0d652f0b20b2ffdc7c9883350500b20300c05e2f6eaf3a5fcf85b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57269
x-xss-protection
0
server
cafe
etag
18048860150507911423
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 772C 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56bc77edd072e72249cc648dae6511b6636c6b7051f0b59c05311c7c9e94a5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57405
x-xss-protection
0
server
cafe
etag
2639255672399725074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:00 GMT
media
a4p.adpartner.pro/ Frame 2EAB
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=d6f42bd5-30ae-423f-ac1a-baa4b66aac0a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=31a257d0-c4e6-4847-be24-3bbd3ed38a67&inst=ADS-EU-7&ts=637958762393588034&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=1b01a591-719c-4246-928a-ebaf70c42b79&hp=1048539382&page=zdorovia.com.ua%2F&pvid=31a257d0-c4e6-4847-be24-3bbd3ed38a67&inst=ADS-EU-7&ts=637958762393588034&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=e481fa83-2ba0-4a27-9987-c36a474cb059&hp=1048539382&page=zdorovia.com.ua%2F&pvid=31a257d0-c4e6-4847-be24-3bbd3ed38a67&inst=ADS-EU-7&ts=637958762393588034&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=b77d026e-a93f-4f5b-85e1-bdfb9b05f41b&hp=1048539382&page=zdorovia.com.ua%2F&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&inst=ADS-EU-7&ts=637958762394447913&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 4CE7 		573 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/SfNdS3jYA2M.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/SfNdS3jYA2M.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
xuFHQE9j8c8q8pcysQxIep1rGwy5hNR7EneI6l/nbzlIlxQSxjD6zFVIuMOOWZa3hBBGXF7KL8jFuDBKr60Pkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 06 Aug 2023 20:19:15 GMT
9dn8UIjMf-X.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 4CE7 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/9dn8UIjMf-X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81683dd6e9edf61c6606f28fb7b7261b7b88ea30e286d0a132f63c5ff42a2678
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iKIO3ujsN50udmYyvgqEUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46006
x-fb-rlafr
0
x-fb-debug
vt7Phhk62lSfjrP76E/LVWZf0569xZT7y6tj7UQHBO/hieTBRGEnLtjbU6X59toLOHDTHtRvgA1MW4Bp7KjBNQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 04 Aug 2023 19:34:23 GMT
analytics.js
www.google-analytics.com/ Frame A1EB 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2200341753400048&apuid=8469963f-cec3-4347-b6b2-35f049718f6d&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6119
date
Fri, 12 Aug 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 05:02:00 GMT
branding
a4p.adpartner.pro/ Frame A1EB 		1 KB
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2200341753400048&apuid=8469963f-cec3-4347-b6b2-35f049718f6d&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
6fc96e97ed993346d7433d2f01911aa85c9fa541d5a5145d435208218103d207

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=2200341753400048&apuid=8469963f-cec3-4347-b6b2-35f049718f6d&session_pageview=1&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
c.html
cdn.admixer.net/scripts3/48427/ Frame 9691 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:16 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:16+00:00
x-id
fr5-up-gc28
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1ea07232a647fbecd84a909c84a191bad02240c049f64109face6d822674fa75

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Fri, 12 Aug 2022 04:43:59 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 13:08:58 GMT
server
nginx
etag
W/"62e28a6a-2c101"
x-cached-since
2022-08-09T21:44:48+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Jul 2022 21:30:00 GMT
dsp.aspx
ads.go2net.com.ua/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3884733688768442.5&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22c6f33ff9-3226-3596-e2bb-c02c9bfc5096%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f8549f-9f9e-4c65-a896-b80304bca067%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
96b1d4d66e314f4166ab9ce3ca43596a1e8231875a128c0959210b001b0637af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2033
X-Xss-Protection
0
/
onetag-sys.com/usync/ Frame 43D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 06AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame B657
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 04:44:00 GMT
Etag
f5510b651dfb71a4
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73968da31c1872cc-LHR
content-length
0
date
Fri, 12 Aug 2022 04:43:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
server
cloudflare
sync.html
s.adtelligent.com/ Frame 766F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
788
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 6723
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
fc57f8555b4c236f78e334bcacfd870469dca6ea51e9254638c4c38c9da424ed

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
expires
Fri, 12 Aug 2022 04:43:59 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 12 Aug 2022 04:43:59 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602
sync.html
s.console.adtarget.com.tr/ Frame F16D 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:43:59 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 086E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 07:36:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5293695457308570661
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5293695457308570661
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2eab0ca0-6c59-411f-973e-d50e01259e64
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5293695457308570661
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 471D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1660279439897
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3863332768
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3863332768
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT
etag
RX77e37cea4dc14acea815bcc6f48c205c003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3863332768
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ge6ahgkpp8tp2qqhmq3n0046svsbilpb
sync
vid.vidoomy.com/ Frame 471D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
ap.lijit.com/ Frame 471D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:43:59 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
date
Fri, 12 Aug 2022 04:43:59 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
date
Fri, 12 Aug 2022 04:44:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8060044100840261388
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8060044100840261388
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
14306095-8d9d-4dad-9372-008d5bf5e297
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8060044100840261388
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 471D
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ptag
a.audrte.com/ Frame 4504 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams02.e-planning.net/ Frame 4504
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0d8eb1f604441514%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D0d8eb1f604441514%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=7799509249833577706
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=7799509249833577706
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
86350319-fcd7-441e-95b5-826385633c14
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=7799509249833577706
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 4504
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0d8eb1f604441514%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=ed27bfc3-410b-5185-50f1-7cf5c50d7e7b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=ed27bfc3-410b-5185-50f1-7cf5c50d7e7b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=ed27bfc3-410b-5185-50f1-7cf5c50d7e7b
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usync.html
eus.rubiconproject.com/ Frame 2D4C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
r.casalemedia.com/ Frame 67E7
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7f8d6b9dfbc90f92b5f2033728a5ffe2ad3c6a0ee42b7cd1af37de8f2f3c56

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da54c017795-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
dropped-udsids
241|45|230|39|17|57|26|3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMwP%2FMru5EGw1S9YqM5FpZgOuIiHsBlJNrz9tKVHN%2B%2Bp5f%2FUJ%2BXqi1hbBakYYPgFeJFG2IMJgzWRJw45EGHRLhck9Ng6PQ%2FEJUoEpP%2BrtdwPiLgoPb3WlHL7zcn%2FRHYNbcIw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da41d4188af-LHR
content-type
text/html; charset=iso-8859-1
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALBI7m%2Bc1IoB%2FFsk%2BOf%2B%2BpBd8DzMmWxtJZWSnPrE3%2FEMJC1GDh9lBy%2ByHbDcBCbbV9BnFXYZdmrnMPNhc5K1QNz2Tk71r6j4b0kkgwmEA8M9zE5DQPWT6q%2FkbuXeeV%2BkqZBU5hU1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 31F6 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Middleburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
05e295ca223947e7bb7354cb31dbe2be
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame F34A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 0265 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f8bba3cb4e310070a9519a6d5ee76d9b4845a17d7c82a87ee66fe1b5504816

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73968da41c49750d-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
c.html
cdn.admixer.net/scripts3/48427/ Frame FEBB 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/48427/c.html?b=48427
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:43:59 GMT
etag
W/"62e28a7b-2e2"
expires
Sat, 29 Jul 2023 13:10:16 GMT
last-modified
Thu, 28 Jul 2022 13:09:15 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-28T13:10:16+00:00
x-id
fr5-up-gc28
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 4CE7 		90 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22348298842028226%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F%22%2C%22width%22%3A300%2C%22height%22%3A600%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22http%3A%2F%2Fzdorovia.com.ua%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw&__csr=&__req=1&__hs=19216.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=GOOD&__rev=1006011795&__s=%3A%3Aeoz19g&__hsi=7130845893430080774&__comet_req=0&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yC/l/en_GB/rO5GFi_p774.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87b440ba85911d7d2915e2aa93b00ecadfd8eef7d5494c6c83af7aedba48c05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ggSe6oUGp8bD_pGuI0rcc2
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
wxjFYW4Xf0q/M7PreoRTOJ1R+yP1F5MmDvUnCo1XPyXUDLbXZX7Uf6vvYTAWu5e47MAbg/0WYwjeG2XX9NNydA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 04:44:00 GMT
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 4CE7 		975 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yC/l/en_GB/rO5GFi_p774.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c99335c99f774015d0426f4be281b926ff44a9bc89560d4be5b5bc1e3888ce5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ggSe6oUGp8bD_pGuI0rcc2
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
luuGnd3COgwPHLadu7rrqDFCtqpVgqqC+FfnEaQCNOWvj9XzVc7WIhlkh+OnXmhl+buG4iRJN9269xE6yHaGqw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 04:43:59 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
onetag-sys.com/usync/ Frame FF47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E26B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 07:36:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DB41
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.adtelligent.com/ Frame 766F 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
43
Content-Type
image/gif
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 4CE7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/SfNdS3jYA2M.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/SfNdS3jYA2M.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
C9NGlfIK1VxwbPKe0Jo8Y2FPQ8UOBWh7Kp2LZskX3ZGaiusV76/nuJLROEIEKeqQoVk2qTppo2b1CmkyTON5dg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 06 Aug 2023 02:00:54 GMT
ptag
a.audrte.com/ Frame 6723 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams02.e-planning.net/ Frame 6723
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0d8eb1f604441514%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=8646964217463635939
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=8646964217463635939
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:43:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
66036bf0-25f8-4ceb-b141-e22bb0f2f2e1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0d8eb1f604441514&uid=8646964217463635939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 6723
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D0d8eb1f604441514%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=0d8eb1f604441514&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
usync.html
eus.rubiconproject.com/ Frame 464F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
r.casalemedia.com/ Frame 6C35
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb0068e1737cf2dbd6ec5366d14b22eabd7c0e8a607681753b5aec7a1b46882

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da54bfc7795-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
dropped-udsids
230|39|45|241|46|176|24|65
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FME24nnKb6WzqBrCs0cMEzp94logtl3d9nCbVZ14EKoGwxdU72K0cNCqvJTmqWFf3jcEA9rlXMWGHq44t6%2FEDctemBL%2BcSydg9zMo1u%2FHeDbjtT2u6oAWwWTutRsnSuJ1Qs2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da41d4388af-LHR
content-type
text/html; charset=iso-8859-1
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F8U21uTsH2UWxzAyYnUCkTVzWX9jdEJoj8trBCBgnDIt5BfX%2F7hgti0cjIzQjM3jEJTjpHuvDtrz050w2kfu5xPpjo40%2FiT%2BgF%2BkkNzv8GNJaWE5cuzJZwbrtUxpClWmxDMA3i1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F5A0 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Middleburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
8479035fbc7d2534e73b0c00830eda13
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame FE6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 1FC0 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28796af60e3612ee1dc8f6f63d0f44693bffb6fd2c972016fba177ef3bea9c3f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73968da41c4a750d-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
if
a4p.adpartner.pro/tracker/ Frame 2479 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
0
pragma
no-cache
server
nginx
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=20775792649
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=74592231792
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=30903018278
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=126&profileId=184&cb=94373257654
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 4CE7 		279 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
DzM4mhd2CnuZXRQs+GQQlmpdL69JtpqrESjlh/dN0i/GuU90C345aeWwFPNbeQ0XQMSkAX8n12IGtRiJ4mh6/w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 06 Aug 2023 04:18:26 GMT
cookie
cm.adform.net/ Frame D69C 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
csync
sync.adtelligent.com/ Frame F16D
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
9688f602e7544b82
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 086E 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2082801&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-length
0
getuid
ib.adnxs.com/ Frame 0265 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 0265 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6bed7750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 0265 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 0265 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 0265 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1660279440.256821,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lhr7370-LHR
u
dmp.v.fwmrm.net/ad/ Frame 0265 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0265 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6bed6750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=611fdb6b-a91a-48af-6502-9a54b9594514&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=611fdb6b-a91a-48af-6502-9a54b9594514&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=25590141703174413311879166072642084875&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=25590141703174413311879166072642084875&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6aeca750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v038-04c8fac1a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
KQ++e7E/QTQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=25590141703174413311879166072642084875&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 0265 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=611fdb6b-a91a-48af-6502-9a54b9594514&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-53725-0.777046001660301856-cb62a5fd2ecdeffdc32b401e7a02818a&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-53725-0.777046001660301856-cb62a5fd2ecdeffdc32b401e7a02818a&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da70f09750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-53725-0.777046001660301856-cb62a5fd2ecdeffdc32b401e7a02818a&zdid=533&env=mWeb
Date
Fri, 12 Aug 2022 10:57:36 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7130845897030039694&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7130845897030039694&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da78f99750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7130845897030039694&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 0265 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=611fdb6b-a91a-48af-6502-9a54b9594514
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=611fdb6b-a91a-48af-6502-9a54b9594514&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=611fdb6b-a91a-48af-6502-9a54b9594514&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-45...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da8a88a750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
last-modified
Fri, 12 Aug 2022 04:44:00 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 0265 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=611fdb6b-a91a-48af-6502-9a54b9594514&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=611fdb6b-a91a-48af-6502-9a54b9594514?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=611fdb6b-a91a-48af-6502-9a54b9594514?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da83820750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.23.0
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da85834750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ZT%2FyN%2BHo8kRR7esHGDvBYwlrKETpHthx%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ZT%2FyN%2BHo8kRR7esHGDvBYwlrKETpHthx%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da8986b750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ZT%2FyN%2BHo8kRR7esHGDvBYwlrKETpHthx%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 0265 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.199.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-199-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1660279440
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0265 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 0265
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361&_test=YvXakAAFzlpxkABC
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
3137
x-served-by
cache-hhn4037-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1660279441.804537,VS0,VE0
content-length
85
x-cache-hits
15931

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1660279441.653799,VS0,VE93
x-served-by
cache-hhn4037-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611fdb6b-a91a-48af-6502-9a54b9594514%26reqId%3D46bcbb39-347e-450d-593d-646b82e33105%26zdid%3D1361&_test=YvXakAAFzlpxkABC
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=bb4c62f5-da90-4f00-8962-29c84b965f7b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb3...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bb4c62f5-da90-4f00-8962-29c84b965f7b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968dac9b8f750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=bb4c62f5-da90-4f00-8962-29c84b965f7b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 12 Aug 2022 04:44:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0265
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e3...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
34.252.199.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-199-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1660279440
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a019-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0265
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-650...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-650...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1JW211KW74ZXQB4HJ9ZS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QK023KHAA3K3Z8NMDBKD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=611fdb6b-a91a-48af-6502-9a54b9594514&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 0265 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=611fdb6b-a91a-48af-6502-9a54b9594514&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-201-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 0265
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D611...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968daa19a1750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 0265 		557 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c29adabc941d932e1917fc17d44ce7dd3f125a68fcd194042f6478d73ebb04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da4cce9750d-LHR
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
getuid
ib.adnxs.com/ Frame 1FC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1FC0 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6bed8750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=df84487a-2355-4213-b201-793328432e5b&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 1FC0 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1FC0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 1FC0 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1660279440.256808,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lhr7370-LHR
u
dmp.v.fwmrm.net/ad/ Frame 1FC0 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1FC0 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedca303e-4dde-4b05-527e-8debcc82f85f%26reqId%3Db3f79964-3c7d-46c2-5d00-57b84929d822%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6bed4750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=60336be5-dff1-4d63-a34e-5713ee366bca&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=edca303e-4dde-4b05-527e-8debcc82f85f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=edca303e-4dde-4b05-527e-8debcc82f85f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=77178267387971667252146531016147296694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=77178267387971667252146531016147296694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da6aec9750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v038-052908483.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7usMks6FS60=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=77178267387971667252146531016147296694&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 1FC0 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=edca303e-4dde-4b05-527e-8debcc82f85f&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-22660-0.781430001660301856-49118fad7af6abb8098dfd0a9d638013&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-22660-0.781430001660301856-49118fad7af6abb8098dfd0a9d638013&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da71f0d750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022081212-22660-0.781430001660301856-49118fad7af6abb8098dfd0a9d638013&zdid=533&env=mWeb
Date
Fri, 12 Aug 2022 10:57:36 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7130845897029777548&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7130845897029777548&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da71f15750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7130845897029777548&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 1FC0 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=edca303e-4dde-4b05-527e-8debcc82f85f
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=edca303e-4dde-4b05-527e-8debcc82f85f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=edca303e-4dde-4b05-527e-8debcc82f85f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da8a886750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
last-modified
Fri, 12 Aug 2022 04:44:00 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=oU.T46DVGHFMnJ9Hs3s3C.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 1FC0 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=edca303e-4dde-4b05-527e-8debcc82f85f&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=edca303e-4dde-4b05-527e-8debcc82f85f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=edca303e-4dde-4b05-527e-8debcc82f85f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d0...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da8381f750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.19.165
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da85835750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-4VHwiSNE2ooZVPoN5962TdfZFuTvd1qlRA--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=pp8lEGAxl3pR7esHGDvBY8Wg49Kfnd1v%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=pp8lEGAxl3pR7esHGDvBY8Wg49Kfnd1v%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da89869750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=pp8lEGAxl3pR7esHGDvBY8Wg49Kfnd1v%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 1FC0 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.199.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-199-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1660279440
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1FC0 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvXakAAFzmZxkQBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b...
95 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvXakAAFzmZxkQBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&_test=YvXakAAFzmZxkQBC
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968da97918750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660279441.806241,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YvXakAAFzmZxkQBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&_test=YvXakAAFzmZxkQBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=01f162f5-da90-4b00-bf77-b30c2d967a94&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f7996...
95 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=01f162f5-da90-4b00-bf77-b30c2d967a94&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968dac9b8e750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=01f162f5-da90-4b00-bf77-b30c2d967a94&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 12 Aug 2022 04:44:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 1FC0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
34.252.199.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-199-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1660279440
x-served-by
beacon-n011-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1FC0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CKS1QDS5CTSZGRAVHHNQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B3SH3BDS07WZ82Y52Z88
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=edca303e-4dde-4b05-527e-8debcc82f85f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 1FC0 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=edca303e-4dde-4b05-527e-8debcc82f85f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.7.201.234 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-201-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 1FC0
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedc...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
95 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968daa19a4750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 1FC0 		557 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5333fb18669e69b3056fe918ec182fe7e82faa128e104d2231f33cb64d37ab7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da4ccec750d-LHR
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
/
www.facebook.com/login/ Frame 4CE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdoroviacomua%252F%26tabs%3Dtimeline%26width%3D300%26height%3D600%26small_header%3Dtrue%26adapt_container_width%3Dtrue%26hide_cover%3Dtrue%26show_facepile%3Dtrue%26appId%3D348298842028226
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 12 Aug 2022 04:44:00 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
W1bolmfsjcQnkhBbkWxIBrgD7+MZDvdI3BcVQt1JiMX9CTNw3j2jE7nxtuMZ1lPNVmoiH6zwVa+0Ny6FP3hNQQ==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
cmp
spl.zeotap.com/ Frame 0265 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73968da52d85750d-LHR
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
cmp
spl.zeotap.com/ Frame 1FC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73968da52d86750d-LHR
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8FA9 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bfcb29e3cc59e038dca6e1a4a2bf37f5c24edf62be8ead0fd4b651955544d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17942627054539079784
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
57404
X-XSS-Protection
0
Expires
Fri, 12 Aug 2022 04:44:00 GMT
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&inst=ADS-EU-7&ts=637958762394447913&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
NXlhMMSkI0K.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame 4CE7 		0
0
truncated
/ Frame 4CE7 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
rtsyxo94AM8.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ Frame 4CE7 		0
0
iQocXHWDn35.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 4CE7 		0
0
dCGwBGltnR2.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 4CE7 		0
0
VImYLfLzq21.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 4CE7 		0
0
EghkBOpgO2g.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 4CE7 		0
0
nK8la3HqiXy.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yl/l/en_GB/ Frame 4CE7 		0
0
MDNj1eUK5bV.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 4CE7 		0
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 07 Aug 2023 04:44:00 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 07 Aug 2023 04:44:00 GMT
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C5%2C495&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C5%2C495&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=B980198E-7D27-4345-9615-F31943C77F0C&crid=B980198E-7D27-4345-9615-F31943C77F0C&size=240x400&profile=346392F6-218B-4A4F-8151-E8B46F15EB2A&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=17&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C495%2C2&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=2AC304DB-8C70-47D9-86D2-B88FCF329D87&crid=2AC304DB-8C70-47D9-86D2-B88FCF329D87&size=300x250&profile=31B0C9C2-24E5-4F12-A50D-F039082E0855&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=17&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C5%2C495&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C5%2C495&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=4AFBC992-727F-4939-8CA8-A11954B7F1F7&crid=4AFBC992-727F-4939-8CA8-A11954B7F1F7&size=300x600&profile=94EE5311-0516-4D72-8091-7984FDECE4E0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=17&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=2%2C5%2C495&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=17&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame 2D4C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
usync.js
eus.rubiconproject.com/ Frame 464F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
usync.js
eus.rubiconproject.com/ Frame DB41 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
dcm
s.amazon-adsystem.com/ Frame 67E7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PH75W7CXS4DF40BH88HD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XKG4GGBZ3TTKJD4FA5S0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 67E7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvXakKiDGI75kSTold2WjQAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvXakKiDGI75kSTold2WjQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1&gdpr=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da92d728891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTmxSmZ5NUO%2F7AcW3n058FuJsBWMt1EA37vqgRpbWSaPIdcppg8B%2F3OVHU6IHnGMwwjQdQkwWJQ51G%2FNAYndHxmNl1euIXlCOLKrKXzavjXlMd2zmplU56EcYi9RYPrXvuPORjEir3VKvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 67E7 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvXakJVS64o8VSWD8lgv6wAABI8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 67E7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 67E7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968daa0ebf8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JSXrZtIiH4czkPNEXoGKXiqqXz2vY3Bj6khLBcAKz2RRCAiHRn1Xtm384OzYhcMoDlvn80n%2F3tMidDsf5MvmQiSTQvqjSOXHXN11iW2wegBNNF379gX5S5aUVxUf0oRapywONFajgOswg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 67E7
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322778394884
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322778394884
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da98dfa8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyJwsv9MMUXhL9CsFdz2gFA3KQqYO1TdOWfepWxmsDJMIovkJLkuN5IlXuZBfLPyFIs3kvWjn11MDXZj7EuKn%2FGS5e1AdjuN7AuYNoRFQXEG%2FCwPGJl94di6QmmeHhVn%2BegGnIzDpotMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322778394884
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 67E7 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YvXakJVS64o8VSWD8lgv6wAA%261167
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
54127
crum
dsum-sec.casalemedia.com/ Frame 67E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fb262f5-da91-4200-97b9-c87005860231&gdpr=1&gdpr_consent=
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fb262f5-da91-4200-97b9-c87005860231&gdpr=1&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968daf0e018891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1658YWW3e6i8I3z25PBkqw%2F%2BPbB5R5cywSowyvQWYsV5D5OQLE2pGfwZMlEvVlWTefjh1cmnx%2B2UW7iG0KTdy7mzsQ8YJ620y5KeVPU4z2XRSCMUBJduYRCG5CSQ4bl3F4S92NX8vHXNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fb262f5-da91-4200-97b9-c87005860231&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 04:44:00 GMT
um
u-ams02.e-planning.net/ Frame 67E7 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=0d8eb1f604441514&uid=YvXakJVS64o8VSWD8lgv6wAA%261167
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6C35 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6C35 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6C35
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YvXakKiDGI75kSTold2WjQAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YvXakKiDGI75kSTold2WjQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDPQnhd3Bj_-XAjGXSlhQoM&google_cver=1&gdpr=1
43 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDPQnhd3Bj_-XAjGXSlhQoM&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da92d758891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVYy%2BQJkpCoR%2B6wh0beRH07uW%2FKdk%2F%2Bd8ubA6nLS%2ByH%2FogZX2e3FiVKnyY3gk5RSl2wSqBEXLZtl0hk1%2FRurKWy2vcAwBF5F8ABOM2r3KT20olSjWS8vHd%2F%2F%2BBOLwSN4YQrswwdLK%2BIi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDPQnhd3Bj_-XAjGXSlhQoM&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6C35
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MBPZB9P56KP7VR7FNRVE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G3A3DHEPP7DR3AFF13WY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YvXakKiDGI75kSTold2WjQAABHgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 6C35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
113
match.deepintent.com/usersync/ Frame 6C35 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-length
0
server
a
rum
dsum-sec.casalemedia.com/ Frame 6C35
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1434df1c-a4ef-46d8-bfd8-c394c675fbb7&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1434df1c-a4ef-46d8-bfd8-c394c675fbb7&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4VHo4yg1rCqbqFf1xSvfJAo4xc5lwsDDPK2iL8nhVS1Rm3CtaUlAyI4gQKrx0TRLLGjZRNePdmHOw30wD08YU58WjdLHAaCIH2iF142cEkVHK5NBxADqU69QcbrGfRKK1u4HTJBmEII4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
73968da6c9be888b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=1434df1c-a4ef-46d8-bfd8-c394c675fbb7&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray
73968da64c947738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
rum
dsum.casalemedia.com/ Frame 6C35
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660365840&gdpr=1
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660365840&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da89e777413-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYOotVxV5wWs8v8AX%2FYg4a5TG2w%2FR3aiMw1clPGvcjI6i6xzI7A5puBfZnHobK7JbKBjnLMbe1a8murjctEZNpDPfHAeSzOEvopQzMuR6ZMqZzz3hdeb8HhbKdKbKAc67WFUC%2Bu8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1660365840&gdpr=1
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame 6C35 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=0d8eb1f604441514&uid=YvXakKiDGI75kSTold2WjQAA%261144
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0d8eb1f604441514%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 2D4C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 464F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame DB41 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame A981 		627 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"62ec189b-273"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame A94B 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame D0B4 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D0d8eb1f604441514%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1qhFti7eh
x-77-nzt-ray
m04+LroYmHA
x-77-pop
frankfurtDE
x-accel-expires
@1661316240
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame C6CA 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADad1O%2frWZo0of0V
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Aug 2022 04:44:00 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
events
bidder.criteo.com/csm/ 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://zdorovia.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
http://zdorovia.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=495%2C2%2C5&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=A0F0C54C-7ED4-485E-97FF-9946099AE54A&crid=A0F0C54C-7ED4-485E-97FF-9946099AE54A&size=240x350&profile=A08F3A11-214F-401E-9933-D17F544E4BE0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&segments=495%2C2%2C5&ts=637958762394447913&ap=MA%3D%3D&asign=1335402596&sync=57%2C80%2C3%2C98%2C88%2C96&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-7&pxl=0&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&ip=82.199.130.41&item=A0F0C54C-7ED4-485E-97FF-9946099AE54A&crid=A0F0C54C-7ED4-485E-97FF-9946099AE54A&size=240x350&profile=A08F3A11-214F-401E-9933-D17F544E4BE0&isopt=0&adv=Criteo+RU&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=17&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 68E5 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"62ec189b-273"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame AAD6 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 8658 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D0d8eb1f604441514%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1qhFpZrXB
x-77-nzt-ray
02B4X7xDGGg
x-77-pop
frankfurtDE
x-accel-expires
@1661316240
x-cache
MISS
csync
sync.adtelligent.com/ Frame A136 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADad1O%2frWZo0of0V
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 04:44:00 GMT
Etag
f5510b651dfb71a4
Server
Adtelligent
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ Frame B609 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58a00255468ee9be049e81e621215e29e50469887132b43830ca9b316e6f21b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122758
x-xss-protection
0
server
cafe
etag
327635492756433727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/ Frame 2CEF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
33731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 19:21:49 GMT
etag
8616628553774171045
expires
Thu, 25 Aug 2022 19:21:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
media.min.js
a4p.adpartner.pro/apstc/ Frame 2EAB 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 87BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 12 Aug 2022 04:44:01 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame C88B 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71a0a0422eb36f7ca59227ed65f322ee44aa471e60aab81b354e92d1ea13c4ee

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:44:00 GMT
server
nginx
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame A981 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 11 Aug 2022 06:00:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
81840
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
VLfTmz81X2SEWwSs_uRZoH01XG3fqSfu_X6ylDAl3rDjJP_QoPaWSw==
GS.d
js.cookieless-data.com/ Frame A94B 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660279440620
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 68E5 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 11 Aug 2022 06:00:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
81840
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Poni0oAGK83x3kChJYsg95O9a5OrxWeaKOlbWejMPCYOfoEptbPEfw==
GS.d
js.cookieless-data.com/ Frame AAD6 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660279440621
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame 772C 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9037591d13ec1cfbdb0a462d3ee4f91ddd3d99668d4cbb430355910457a6cf1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122758
x-xss-protection
0
server
cafe
etag
13110850527611886463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 464F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame DB41 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=1b01a591-719c-4246-928a-ebaf70c42b79&hp=1048539382&page=zdorovia.com.ua%2F&pvid=31a257d0-c4e6-4847-be24-3bbd3ed38a67&inst=ADS-EU-7&ts=637958762393588034&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=e481fa83-2ba0-4a27-9987-c36a474cb059&hp=1048539382&page=zdorovia.com.ua%2F&pvid=31a257d0-c4e6-4847-be24-3bbd3ed38a67&inst=ADS-EU-7&ts=637958762393588034&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
media
a4p.adpartner.pro/ Frame E858
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=697b573e3a4444e5bed84c52be179dbd&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
setuid
ib.adnxs.com/ 		43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
cabe7f16-a16c-483b-8e65-1592d054affa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pic.gif
pa.tns-ua.com/bug/ 		56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT, Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
t.adx.opera.com/ 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync.html
s.adtelligent.com/ Frame 2EC2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3884733688768442.5&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22c6f33ff9-3226-3596-e2bb-c02c9bfc5096%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f8549f-9f9e-4c65-a896-b80304bca067%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9658c8334f9fb0a11a098d0cf8e8f1d2a324a5dbe950cdd6eb5f5b267cea8905

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1272
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
X-Robots-Tag
noindex
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame B00D 		1 KB
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3884733688768442.5&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22c6f33ff9-3226-3596-e2bb-c02c9bfc5096%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f8549f-9f9e-4c65-a896-b80304bca067%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b0f716b982e5c0b37fd0cb042794a1c1d52330df7e4c7c7f8ff3eaef71b9ae4d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
Fri, 12 Aug 2022 04:44:00 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602
/
onetag-sys.com/usync/ Frame 3B98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3884733688768442.5&cpv=60ab3e5b-9323-226a-a8a1-1ab67bc92080&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22c6f33ff9-3226-3596-e2bb-c02c9bfc5096%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236f8549f-9f9e-4c65-a896-b80304bca067%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=3aa754c0-7b84-441a-aa59-fa8e7f347f8a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&inst=ADS-EU-7&ts=637958762406170269&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-length
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
adspend-sync
adx.com.ru/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=697b573e3a4444e5bed84c52be179dbd
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=697b573e3a4444e5bed84c52be179dbd
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62f5da90c52f155dcba8ff6e%26d...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62f5da90c52f155dcba8ff6e%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D64...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62f5da90c52f155dcba8ff6e&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=1D6CE891C37C3FB485FC&uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62f5da90c52f155dcba8ff6e?sign=d2aa0353&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3Dhttps%253A%252F...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62f5da90c52f155dcba8ff6e?redir-setuniq=1&sign=d2aa0353&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62f5da90c52f155dcba8ff6e%26dest%3...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62f5da90c52f155dcba8ff6e&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62f5da90c52f155dcba8ff6e%26i%3D1216805155920772796%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62f5da90c52f155dcba8ff6e&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62f5da90c52f155dcba8ff6e%26i%3D1216805155920772796%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62f5da90c52f155dcba8ff6e&i=1216805155920772796&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62f5da90c52f155dcba8ff6e&i=1216805155920772796&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=mrb0YyOPR77TjO67ADfp&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEHzwQjO1kvXvi6uqta2fK8o&ver=1&google_error=&code=224&ts=mrb0YyOPR77TjO67ADfp&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62f5da90c52f155dcba8ff6e&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62f5da90c52f155dcba8ff6e%26nc%3D298893929...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62f5da90c52f155dcba8ff6e&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62f5da90c52f155dcba8ff6e%26nc%3D298893929...
  • https://cm.p.altergeo.ru/spnd?aid=62f5da90c52f155dcba8ff6e&nc=2988939296500360700&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62f5da90c52f155dcba8ff6e%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://cm.p.altergeo.ru/spnd?aid=62f5da90c52f155dcba8ff6e&nc=2988939296500360700&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62f5da90c52f155dcba8ff6e%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://adx.com.ru/adspend-sync?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F8Qvfzrid7dtdBwbnPWMAiS%3Fsign%3D3082097917%26location%3Dhttps%253A%252F%252Ftop-fwz1.ma...
0
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:43:59 GMT
content-length
0
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
media
a4p.adpartner.pro/ Frame C88B 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
7a84ab5cedca390158f4c968bb39557fbf2341a9376970d754f101b59ca117dd

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=2&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
ptag
a.audrte.com/ Frame B00D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams02.e-planning.net/ Frame B00D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D43a10520d0702469%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
d
ic.tynt.com/r/ Frame 757B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
onetag-sys.com/usync/ Frame 5605 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=515fe546-fda1-4cda-b8f5-a653c7415c4c
date
Fri, 12 Aug 2022 04:44:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 2EC2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2480457412
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2480457412
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
RX77e37cea4dc14acea815bcc6f48c205c003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2480457412
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:43:59 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=88777dc4-d5ff-4dbb-8cc0-8c42d432606b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
mj7mf8ufbgpg2g97ddda4m17b50anbgo
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7799509249833577706
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7799509249833577706
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9881b4aa-bdbf-4ee8-bfcf-b5852c4b5b9d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7799509249833577706
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
s.console.adtarget.com.tr/ Frame 2F52 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 6622
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 04:44:00 GMT
Etag
f5510b651dfb71a4
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73968da9084a7738-LHR
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=1434df1c-a4ef-46d8-bfd8-c394c675fbb7
server
cloudflare
/
ads.us.e-planning.net/uspd/1/ Frame 8D4D 		1 KB
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
44211de63994498280bd3dbbe05c6ee308ccf1463f0ead91201f84d03bd1cf66

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
Fri, 12 Aug 2022 04:44:00 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-602
sync.html
s.adtelligent.com/ Frame 5FAC 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
781
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0F27 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 07:36:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7799509249833577706
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7799509249833577706
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:00 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1e186066-953b-450d-bf0f-c3a0f90b7baf
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7799509249833577706
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 2EC2
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=697b573e3a4444e5bed84c52be179dbd
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame 2EC2 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:00 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame 2EC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 4F2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 7809 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abeb4ba8370abad2b98735433d8e4dee9e197d65efe69524d9c86189e3d1c88

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da96a837320-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
dropped-udsids
73|4|130|3|196|46|64|51
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irv9Mc5HIl56dAnksiPy6jT9OgSD6RHWL5kWJ9QhWxtXS6DZ41lCesClu4QRq7PUj2ZURAKj43mo9XwmLmoy36BIfjA8kaEIOW0fuldJw4drPkrp7x2h4rEc9BXDYKMfDDibYHdj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 75DF 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Middleburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
5a2903a9c9cbde56074b6e322a709222
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 8AA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 8E2E 		530 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1601f711c49f3e600c1c5d1d6789971a7b97d1f669184ae297f752fb328fdd9b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73968da918d3750d-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame 8FA9 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f1cfed0d002b508c4a0471500123548969186e776400b4a83ee905e6dda1005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122752
x-xss-protection
0
server
cafe
etag
14323374237951416949
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 1E00
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2507871231717652556
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2507871231717652556
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 04:44:01 GMT
Etag
9688f602e7544b82
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=2507871231717652556
server
nginx
csync
sync.adtelligent.com/ Frame 2F52
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=9688f602e7544b82
Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
9688f602e7544b82
Content-Length
0
ptag
a.audrte.com/ Frame 8D4D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams02.e-planning.net/ Frame 8D4D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D43a10520d0702469%26uid%3D%24UID&partner=eplanning
  • https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=e64f73568d2b3c34&fi=43a10520d0702469&uid=8c1f3c42-96cb-2277-b418-ec7d8d78108f
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
mw
mwzeom.zeotap.com/ Frame 8E2E
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedc...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968daa19a6750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
date
Fri, 12 Aug 2022 04:44:00 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 8E2E 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058182777a17818af3eeebc80eba780debf5e420d619b66adbbd2e84cd760f95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968da9b943750d-LHR
date
Fri, 12 Aug 2022 04:44:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
usync.html
eus.rubiconproject.com/ Frame AA5D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4095 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C47A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96763
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 13 Aug 2022 07:36:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 5FAC 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Server
Adtelligent
Etag
f5510b651dfb71a4
Content-Length
43
Content-Type
image/gif
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame A981 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Aug 2022 17:15:55 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
age
41287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
O9rPGJBwtQEHiGcjWPH6xdpL8ER0c-BhSbtVVqu4QXQz57bz1Igmvw==
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 68E5 		155 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Aug 2022 17:15:55 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
age
41287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Htrsui_QHe_VYuiGc8X34yMmce-TjIhiR7ckkPhd9p7TJ6pDFt6-9Q==
usync.html
eus.rubiconproject.com/ Frame 79E5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 04:44:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 12 Aug 2022 04:44:00 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame C707 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da6dd1089512f5aa80c47d1d6dec46acf619fffac740bc706e6871221869419

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73968da9cad77320-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
dropped-udsids
206|88|81|90|11|196|130|188
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e30B6%2BjDWX4vDdwzk%2FNt1%2BAukhATFap4jYAqmOF%2BumK7Y%2FNdV0htvnPEQDXT%2FjH%2BIUDHgv0VGjdOx0le62%2FM2gGNQeLGw%2BJ5YT3KWXfwrU1Lii11mJyvM83%2FawFgKGhNqHMh5uw%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame DDD5 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Middleburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
0caf2c8ac6e822f89025bf3a490a4e0e
x-cf-tsc
1653097306
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5B61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame DFDB 		530 B
927 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e8dffe59e66c25e3d1f2df4b151b835f821e6b35fe0dd567d788f2db4fd84d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
73968da9c958750d-LHR
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 4F2B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame D1D7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2200341753400048&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4ca1a630-85e7-46c6-b0e3-47b175c540f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Dc611b8bc13cbc64a8fc5dbf77c5a900e
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 9D06 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"62ec189b-273"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame EE0C 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:00 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Aug 2027 04:44:00 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 5213 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D43a10520d0702469%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1qhFogdOh
x-77-nzt-ray
WVHdLMY6/+s
x-77-pop
frankfurtDE
x-accel-expires
@1661316241
x-cache
MISS
adxcm.aspx
inv-nets.admixer.net/ Frame 7308 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ADad1O%2frWZo0of0V
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 12 Aug 2022 04:44:00 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
if
a4p.adpartner.pro/tracker/ Frame 0DBE 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 0A66 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224ca1a630-85e7-46c6-b0e3-47b175c540f0%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:00 GMT
expires
0
pragma
no-cache
server
nginx
YvXakKiDGI75kSTold2WjQAABHgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7809 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YvXakKiDGI75kSTold2WjQAABHgAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7c9:2a47:8cb6:50cb Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 7809
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4014191389595819986
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4014191389595819986
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968dac29ed8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roUmNzsflGEaS9xXomwmpJXHG5lo%2FgEyPklI37D1i8vJIEl%2FsMGx1Ts3ca59G9x1SQycK1Ei2bTv7nTgjqkoLAqAleny4omk6JzX0ozyXuFjVSajpoz%2FWiyZe5yzJCPjg7%2BX9LbBKzf4mA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4014191389595819986
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 7809 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.232.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-232-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7809
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f2862f5-da91-4100-85d5-55d68aef2b2f&gdpr=1&gdpr_consent=
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f2862f5-da91-4100-85d5-55d68aef2b2f&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968daf8e758891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj9WtFS64EMH0n6cowpcURlcT7DOQZRzu%2BLz99dtJvjA0M6sWK%2FRLOiy6txpoVCnGPBLRUnY%2FOOBL1Oo7eovuq8Evkk%2F5Alpq%2Fxb%2B865bmSjYp%2BWBOjl2jBoJcpBGRrrXbwUAh2JvXO0Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f2862f5-da91-4100-85d5-55d68aef2b2f&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 04:44:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7809
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968dad2b568891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMX7VORxqHHLUr52v4CAxld1fOzHqyVrjUJur0BBKveTs7HGbRdEZr%2B4axBNtJcFOXrWaFNtozu5NPyUpxWGl2PTJINys2jiA938%2FSlptHt2BanYBVkBDK6rorp2ja8JXd%2B2KKg5FqQ6HA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 12 Aug 2022 04:44:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
getuid
secure.adnxs.com/ Frame 7809 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7809 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:00 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/ Frame 7809 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.145.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-145-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
um
u-ams02.e-planning.net/ Frame 7809 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=43a10520d0702469&uid=YvXakKiDGI75kSTold2WjQAA%261144
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:00 GMT
server
openresty
content-type
image/gif
cmp
spl.zeotap.com/ Frame 8E2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=40f71907-69b8-4414-6a69-be59bbd138e2&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73968daa29be750d-LHR
date
Fri, 12 Aug 2022 04:44:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 9639 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8006a2b9-932c-46a2-9df1-855ae58ed7eb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQwLCJzaG93X2lkIjoiODAwNmEyYjktOTMyYy00NmEyLTlkZjEtODU1YWU1OGVkN2ViIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D249d0031e7a8c18be575fb13dc935642&showId=8006a2b9-932c-46a2-9df1-855ae58ed7eb&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 5750 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 11BD 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25228006a2b9-932c-46a2-9df1-855ae58ed7eb%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
0
pragma
no-cache
server
nginx
cookie.js
partner.googleadservices.com/gampad/ Frame 772C 		219 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4864ee97c73bb521d2bb90c04e3c8319be47f1ee64fa2a0aa0f4c08799b785cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 772C 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 772C 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E3F 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbcd31b37edb768ea8b1b6123cc714827d1e26f731e5796f0058689323ed861e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9986
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 772C 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a340bead37e56428d5f67ca4b0f16982fb7cf4849c67698815ddcf7bc1211af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11112
x-xss-protection
0
mw
mwzeom.zeotap.com/ Frame DFDB
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dedc...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
73968dab4a7f750d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
date
Fri, 12 Aug 2022 04:44:01 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame DFDB 		557 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d425663640d76f95c1ac14032c5aeaa49f1fafed8fd9fce3b81fc65b10f8ce1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968daa89f8750d-LHR
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cookie.js
partner.googleadservices.com/gampad/ Frame B609 		219 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
be7355eb9a5bec9879df598300abcf220ac951bfd5a62f26c7f3c5ee849887fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B609 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B609 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7500 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
891a49223ff61fd79b6ba9fecaaa47aee1010a2f6641f852809ecf1396c4f3b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10112
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B609 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d664f280bef7dac567cc31841c4d3f9e9642fe6b0cd3e65f2fe08760532acee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11116
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 4F2B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
cookie.js
partner.googleadservices.com/gampad/ Frame 8FA9 		219 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c3318255a3de92e1749d9e294768216423bd13efe6ace877f90482a1cd7c137f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8FA9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8FA9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98AD 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f1cdf23027365c31ff2f5614d1945c50c04434dd7e05f8bcbe8c25a5eebd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10015
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8FA9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87ea26ae2a0ed0569fe5fdddcf5d5e051eda8d66761f58d8356acd885c93732c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10997
x-xss-protection
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame C707 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YvXakKiDGI75kSTold2WjQAABHgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame C707 		85 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1660279441.158398,VS0,VE88
x-served-by
cache-hhn4037-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame C707
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=eX0GRisuWUJieVQRK3xNQCp_AUVifVZLLn0ILlFZ
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=eX0GRisuWUJieVQRK3xNQCp_AUVifVZLLn0ILlFZ
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968dad3b6c8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgwssnWvvI2RwwpgfgtcXVMCMRzVSHPFtv25SYtkM9NxXsrRmbeo%2BgvDfhSqbaaukk03Q5zrK%2FRuTNd7sRgPC%2FZhnxE2dWdhCapk4Zg%2BnBiRvklWd%2Bz41BzKS7%2F9meV3%2B9WjWNXGt6HdDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=eX0GRisuWUJieVQRK3xNQCp_AUVifVZLLn0ILlFZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame C707
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Aug 2022 04:44:01 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Aug 2022 04:44:01 GMT
index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame C707 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.168 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
168.81.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame C707
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968dad3b5f8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5mIwqeLpQEg7edCWpOL5X9Y8k2v6KBOlqj6PrBy472WK8ngJFJaTkWWkydrkl6zUVjmOgTL2xeEOFNA9FO7292SSjyRo%2Ftktio1uAaD3Gx%2FbAqOaAxH0qjcZjjq2xVsTV7KMFn2ch34xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 12 Aug 2022 04:44:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ie
match.prod.bidr.io/cookie-sync/ Frame C707 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.232.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-232-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame C707 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.141.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-141-245.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
um
u-ams02.e-planning.net/ Frame C707 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=43a10520d0702469&uid=YvXakKiDGI75kSTold2WjQAA%261144
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D43a10520d0702469%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame AA5D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34805
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
data
bcp.crwdcntrl.net/6/ Frame A981 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.5.243
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
data
bcp.crwdcntrl.net/6/ Frame 68E5 		20 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.19.165
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D1D7 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2200341753400048&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4ca1a630-85e7-46c6-b0e3-47b175c540f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Dc611b8bc13cbc64a8fc5dbf77c5a900e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03c7a73eb49d20a873dd15cf622bcc9ccab0355cd68dbde468734a89b1852f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40674
x-xss-protection
0
server
cafe
etag
8732470635962894960
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
media.min.js
a4p.adpartner.pro/apstc/ Frame E858 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 2885 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 12 Aug 2022 04:44:01 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame B262 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
a05f9c7b921d383e70f376162c6c89244d750c871eb042acf694c177ed1c666b

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:44:01 GMT
server
nginx
usync.js
eus.rubiconproject.com/ Frame 79E5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34805
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Fri, 12 Aug 2022 14:24:06 GMT
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=697b573e3a4444e5bed84c52be179dbd&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=a6d61ada-7278-4b2a-aedf-2b04b31d501c&hp=1048539382&page=zdorovia.com.ua%2F&pvid=c51d0703-a71a-41bb-b710-2a4b45a3202f&inst=ADS-EU-7&ts=637958762394447913&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 9D06 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 11 Aug 2022 06:00:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
81841
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ScGcubWPc74a4iAQq7ET5wkvQA1Wa_XPEfZtOETiIoEhjP9OjvPvPA==
GS.d
js.cookieless-data.com/ Frame EE0C 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660279441240
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
cmp
spl.zeotap.com/ Frame DFDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=c675a461-1777-404b-4e6d-c365ec37f086&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
73968dabeb05750d-LHR
date
Fri, 12 Aug 2022 04:44:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 772C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068864
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B609 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9639 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F8006a2b9-932c-46a2-9df1-855ae58ed7eb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQwLCJzaG93X2lkIjoiODAwNmEyYjktOTMyYy00NmEyLTlkZjEtODU1YWU1OGVkN2ViIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D249d0031e7a8c18be575fb13dc935642&showId=8006a2b9-932c-46a2-9df1-855ae58ed7eb&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aca92d7fb026f85e32cb617ec9e27d4fe695b2faf61f7f35232f849bbe6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40611
x-xss-protection
0
server
cafe
etag
78069939461521544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 749F 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"62ec189b-273"
expires
Wed, 11 Aug 2027 04:44:01 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9727 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Hilversum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Aug 2027 04:44:01 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame DB9D 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D43a10520d0702469%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AcO1qhGLK0XB
x-77-nzt-ray
nwX1j3gRTug
x-77-pop
frankfurtDE
x-accel-expires
@1661316241
x-cache
MISS
csync
sync.adtelligent.com/ Frame 4DAD 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ADad1O%2frWZo0of0V
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 12 Aug 2022 04:44:01 GMT
Etag
f5510b651dfb71a4
Server
Adtelligent
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ Frame D1D7 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bae72bcba59479508acbda8ac1ad7e4b7271d6df493240eeafeb409ec6d1ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122751
x-xss-protection
0
server
cafe
etag
426658552975929599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8FA9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&bust=31068911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame AA5D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D1D7 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2200341753400048&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4ca1a630-85e7-46c6-b0e3-47b175c540f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Dc611b8bc13cbc64a8fc5dbf77c5a900e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03c7a73eb49d20a873dd15cf622bcc9ccab0355cd68dbde468734a89b1852f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40674
x-xss-protection
0
server
cafe
etag
8732470635962894960
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame 79E5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 749F 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 11 Aug 2022 06:00:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
81841
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
VZAYG0aKBZE-YD4_kAJAG1ICVkndyMlXxTgvSI_9dmWDcwIpXwv5Fw==
GS.d
js.cookieless-data.com/ Frame 9727 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1660279441369
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
media
a4p.adpartner.pro/ Frame B262 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
16a6759adcd6e69cfcc15f23b440bb6e058b234a123a890c951aede390b5577e

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b&session_pageview=3&session_id=2bae461f-e33d-4c87-af26-e960099a20a7&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ Frame 9639 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16c86ea6fb040faa1f7f98ac001f5efdd4407cc8568f8b4fc6ed88dbadb8a54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122758
x-xss-protection
0
server
cafe
etag
17520119932421472050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 9D06 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Aug 2022 17:15:55 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
age
41287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
lOmgdPQfQ6F2Kgm8F8VMztUJ3qcORLHDWYQhsVfRG6l7_x4RLGd_KQ==
integrator.js
adservice.google.de/adsid/ Frame D1D7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D1D7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9C11 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112188&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2200341753400048%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4ca1a630-85e7-46c6-b0e3-47b175c540f0%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253Dc611b8bc13cbc64a8fc5dbf77c5a900e&wgl=1&dt=1660279441267&bpp=9&bdt=189&idt=146&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&correlator=1223185058361&frm=22&ife=1&pv=2&ga_vid=473660744.1660279441&ga_sid=1660279441&ga_hid=197342225&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2299206776&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068911&oid=2&pvsid=2581001340955888&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.hmreuie6nnsa&fsb=1&xpc=tjEdRDL2xw&p=https%3A//file.adpartner.pro&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0AF7 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959009&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_2200341753400048%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4ca1a630-85e7-46c6-b0e3-47b175c540f0%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253Dc611b8bc13cbc64a8fc5dbf77c5a900e&wgl=1&dt=1660279441398&bpp=3&bdt=320&idt=46&shv=r20220809&mjsv=m202208090101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=1223185058361&frm=22&ife=1&pv=1&ga_vid=473660744.1660279441&ga_sid=1660279441&ga_hid=197342225&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2299206776&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31068911&oid=2&pvsid=2581001340955888&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.wpzwf3me484m&fsb=1&xpc=xkHm3l1nPu&p=https%3A//file.adpartner.pro&dtd=50
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ptrack
a.audrte.com/ Frame 6723 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-08-12T04:44:01.453Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
78cf3d28b5bc71f6bd5fd0bb5f918665edbabec61f11bbe46c64b47ffadb56b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
data
bcp.crwdcntrl.net/6/ Frame 9D06 		20 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.19.165
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F52B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7A14 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62e471195c960098b118dcec1b56e57c3fff8e2a3941eb53d1bcb206992daf87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3Fap4WbAlzxgsFleUFiKIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-3Fap4WbAlzxgsFleUFiKIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
Fri, 12 Aug 2022 04:44:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 749F 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 11 Aug 2022 17:15:55 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
age
41287
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
k91LJl137UWXK9HHKNjhlJZij0BGkzsD4oB4-8Kz8WO5gThVwy_n0Q==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B162 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3C73 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dac08bda89a9c0dba0b73a6e0dd4868de08600c8956f2e89beaa51fe8045aef8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5vBjOAgLzuBkPptm5J7N4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-5vBjOAgLzuBkPptm5J7N4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
Fri, 12 Aug 2022 04:44:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 288A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 75F9 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
365e3d40b517a90f8fef5831636b636d94407dd42d3c51a2fe64cf41973e03f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3Ji1AaTlab3_jWq6xfqf7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3Ji1AaTlab3_jWq6xfqf7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
Fri, 12 Aug 2022 04:44:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7500 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BewJGHCRXY_rnZ9LNnaGfatTfgryQ9h7UN4PCIRPcevKx_zvEPcRExmXkbMLeCAtY234CMxIJhe6zv4lVmtJu3Mzvsxrj2boC8VBOQfSyOBetgWzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7500 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:34:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7500 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 7500 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:19 GMT
l
www.google.com/ads/measurement/ Frame 7500 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYRIO1zG1gv5qE2mwK1rPPolvqUmFsfBZDxFsa-NhyV2XpLMGCt4KJYJcgbGl1f4WSOTXB4h8SN3PjAhMasxTvJ4jZlg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 291F 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7500 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_qiuvRQRfJ8D-S6w85y-SN3f9QIB0o_zTItqozUInrdig0HmJUvRwI5nHUEbAcJ95mfoA5Fkg9roYLEtFFEd43wEQe8ILhHMDu3OpEeehXaAP6H4_BNN-aDPf5wNDc-nibSeD9d74NPMwcsoyEIKhKUOa6A&dbm_d=AKAmf-CFBf1SQGFaYijQfq8wAbSeDjz1b-udqZU3O_U28jqXWLkVlwvnTmL6du_o-gYqoQZqKVTkvFKxmd63nokIlDEOEg8Ip6yhpq_0vB28gr8O0a-4S9FSBY32LFpN1wmQG0mx-cJOvK8wpubIbn9cDAi-GBLRbowcslndixBkKRa0JNgVyyo5NXumusSJ12NQ1B0sSqhvaLuO7LvP65r_Vb3LZewHFUsjWpXiCWiISUiy0igtk8FKO2_to8CUj0TRcLRq_WG1AJ0I0gNsHue5BU4qiyptTQbqrHaWzf-CP353lVlPw3Ol5VwVm0atnKhhj1vaotaDIiKoAkVKxB_G4QdmxYSak7zixwv_5UaQ7iHil-U07OmwGsjm6XK7bUzKCTgIdeRQn8WWPXe2tRP5XZGPvCaPQ20ARCTW56geU5kYRxFwDJDk6yEM0Zb55NGCMxH-su76trTQuLhfNs5XzJEh-BfTAdfpfpX_WpUP0T0UVaPEc0TlO-W1vfjllrBw6E_Nrxe5TKzc9uaMkr8ckbzsgpvAnH0vyFrBrLeSmBOfyL-GPmCthQwPYi19qDnz1CXSLfv1RG--QtC5jzTly5JlApKOwOBORv193yvf7rfXAxihZ5RiNgEnnpguuDY47gAdN7y12fN4FTnXq-HTrkttsE6xZ5I6g9vFk-glNgykQ1KefpWQmNI4i8HhZOnTnuHMwXMcr-B3V62PzqXZOfmS6jJ0GTuVPolg3SKqgtZFSlwVEFbfan1R8iACM7iDF3btT9I892GpWDsrXnQsmRf2BQASyibcsX6KDQxozEfzRK-WFKgMu159W_9sm4GPEQTszE_8kpCVVL-n7wtcuFmqL0saTx7QK_7yIxqFU2X-6iUnTuhlYxss1VORQlhnSN0jJ1B3tfRN4Ntv6YN43iuxFE08-dfO9DBZyT4JJcHfmsCmvbJtZsdxzVgJk8CbMff0qP8sQ8Mjy2eqhFy16c3Qx6IDZBMhb0N8OX_-Y0a7bsT9Ojrdz1eMnVp8quSQ4O33JKuZz4AnYTNop6HJCLlJqKirArx7Dbx9WeployxvVyG_2NxjkafddkmmOwhZdSGUq59nStou_ZVfAzamjWyzyfS2Ndot-w4j5sC9wR7FHIinFzf9yAqH927jrb8mJsFEaV3AuiFUl6CZ2JY-Didi4MvJoAjVtcME9yItTE7pOvKsXmFge6chalqoznFUu8ejO_RLjj6fDYskbYcJPIzfH8Ik6briaiQP2qEda_hraFWDlaENjsMncI5Wwomy4k_Lv9VlvR_RiJH46FxnSYYlWoiomiLOuJ6kq8Xm7_ySSMQ-jHIxFUPXN5xJ4O-sAJOFDb6lVh8BrD9jBqZ7aV5WfLk0NerlzqsHtXlHVAjpiUiSp0VSAPZXQxpJ5mt8De-VA_EV19nmpCSqKiHYM481e0X8UdI7jCFb6x3-LaaQTioocKH1jJeirK3J6obr_eE7f2BsSUhJJ_XmAtr17JrNWWlgde_Ke2OHaJO7OO61Zwzvb8tWZcev9m8I4bMXJkZp0rdgF7q6qAULw9Q1pZLMkj_vAiXJS1XERIA-8MBP1NcqwWwIhphbGl3QaLG_ThH4di50oKrF_16mRjMYuysP4S4tAXk1c8x_p_fezA_cgUsQNcH2oIiS7xb3BmSzV5QM-GmBBgzSXgdvaSQeFCNbydp9q2TDplqPJSf7XtRU-s7JTa6OEBe4pJ-s3zbfVy6HAxjBy_cvcVF1R-VOV1QgDblic-CMaj0wDsTPi_bSQgMmp5BAzswnypuwBYDqCmPUB0XOGebJuYhs4MavHYnmlm-L_J8hypv7gF-rGvqeK8TRSwEBhq-oO9VhqnxviqBGP3Mq-dGNQDD9h_LKngnkjgqISJ7RzRiHj4umvDQKdq2YYeQkUVm9AwqE6aFZHQRrO6-HsKZ-xpus-ffNLB4-EWYaY5exzBEPokt_aUU5rjHAhCD3yrRZ3bMnUfRmIC_CkCByu5jedf60D47dRuLxANM2fu9OHDg35P3TnMLr5536SpRq4ForVcwQEz5lbFVGl-ZRNy9X2BlFt_gh8OBPeRXK00boy6ySkPMEC149nQmBJytDkeJeV506fJkEpH7ueW_IOAO5Xnxstdm-1uXuiNloF8G1y-Z1mlMko0k_am1I8fzQIZ_k9frG1wFUTOipyLacfqCrGP7Xbyy198DlLMaPHP6kOiLs6bHNHHxf_10SiQQLYJpr-IR16e72aBLYCVESESBS1wbSk7Grq7Obmc_X4CNL2ZiRa_RhEAj2wYVT4BLTAxnT3EcNdSIimlwwG66xnkIU26YWa3QDZVZrUezm3lgcRB72OItrwAh0MRaA1RXyTT5fw7RkmF5TLZwdYjSoqWmO4UnXeHr-c4pI4x6vL_CnxxkwTWWfpoog3_PJ7WzrNaDG6bJvIi7CceftVF4Vki87e5jM7gG28whT5AWDjzGpb6QFjpFhx37dewLyyGV7bRR2HxTGx2q2MC_sIPPq0GER5CLIBBTknv_7Y-hH3gUK8ryHni1jfNnjrokol5hGVfS0FGF8A7d_AgxclED0g1h5a8OmoR7N9B-N58aFLv6cOuokFExjAOCKUwGFX_lI4IlydQ8rHjA73Pg359QTWAoSuKTZNkfdjo55ox9_ByMTjaizgj9aOq_zOBHWw1Xt7Nt3s1vmPwIW6xk605Ejrr8va63tzk6M4mW8X276LxwYuQwD_aBo-nYmDrcuSrDm20im42CmrVH-4_e-xSjJII28LNsj5xrE2ePStJOqplGHfT9ShHhgRC650U-OR67qQYEh73GtuRoqwwhrNs_ymctELXVfRIFX51U2o4XKQynnjk7DWseSaGcyl3r4_utsa6sgbbc96UiOJnzYehmpQdPPBtyTDGicFz5ILzdOPWFFcmDdu-U0sb3gWI2JCExxNVYLsRAE_xCagi_qKkhz4H7zi_W0XXWlnE6BlW5Ohq2J4_Z8Zr4X3tBXsTFBWzdkf0oyhVpDXSM7RK_b8jEAeGt41aRzQgD9PzOkvva6PeWw77TobYFt1fJPSaMxtgb1VBF6K_m_1QLPKGO_0fqh9xRsBMsHQgrhGx4tM0b2tkgHoWbrVQrTMf2owXrrpFO3Gk3aU6LaxoK4PJVod1-ADi5xsgLfyCgXX8U7c8hT_6NkqnvjNswd_l6JjAFFoXo3PQmsAO1YnMWn6VirOvfuL3zNchK8Z-2osUvfw2_wvmQFrlsKFoQOFYQNY9H52AGnX7OMzedB3nuW6Humj2XBXy7G8p1IA5APu8C8GHAANxQgKKtbEV1kGFICsGt87GdkSInvcqoEZ9IRawakEcQ39gZJFjIqJCF638tJlnr1KRHagwjysZYpTsFJGp3UVsh15FCFtHLcOJlrRZRgz1hSIMWWcEKJ8oGhI0B0Vh4hefe0v9W3li2obU1RTsbzvwRLdMYPspAwIbSooEN_hGEPc0uCI2sd_HG1GehU0hTEmjVbTfCq7D0l08FXMst5uDi-V7axCTLdpUB6GoviZh77xqiJgrLFFaWXj3i3uxNjBLbndCIXWpQVDqyxyX8486EgcqEWF4Mg1egesqynhxmR&cid=CAASEuRoBZ5XTc4hrxTHZryz2UFiwg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af01712aa7ba5b2cad5c3adadba195f4a575d042673f73636e3dc8ee3798c858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34259
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5DE6 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3AC6 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhMS01b7E_WIWt3uyryJNstL4vq8lZ4xhdPeBX1fEAzIp-RScNA6_rJylzjyLJcdQlPAGXEOv4C5uN5iHfbQyWZpRMfqM5HAOicIYVZEiIl6FIQsnnP63NpwpQcWp6zkBiOd17yJj8gc1goQ5-d6SHrrwIVw&dbm_d=AKAmf-AMPPcNlUxjX16ugZszu-CL_7bzQ4YEmSl2ZI3sXMVKBJPthsm_z7Y0a7JUCKoy9Qs-RzxKP3j-LrYq5W00Fnfs1F-fHS5C_AadP3z32cTrwj31Ts4AXyarlfwRaZ9FCaNCyo8lW7-GC8i3d7qB2xssWsYIRlP8rGBuwy8r0F7fYOrDtyfog0Y5xySTawvi2DwR-KSNvqLULkxZmPiEDmj0b6bSBjsyee7IqzHpUBDt5CTiyremgqIpv3uB7V5ZMl4B4y0FN9Fgw6ZgtUaUgXnluqxfz_gy_x4WhGUCcE9ip0rxCSeA5pubYtFxE9aJQ1LrNl45sInuz3R9DSkIM_ZloReO-VZVKW-A0niJJ4z0SPO547gok302YRSLdiYKOx6d4SM38fguDUdWxmKQegkcW_UyoJLLkdIfojlIK13pCysEMnHY96BSzjhS5aPHEj90-VE3YHGB5P69YRnldBv6QSt8cTQgMPSsSoLrEqE0wDPYHjaArzvjMeCkj4WQxyf2L9txd4BT3l7vgro9PzUODSZzR_HvHvP9kNFf7Cn4TGUNaDQabfy8gft95GR3cBnSzplpjqNvY0VgpNYkXZQUjjNXa_jfgMLS4zR-wkXiMY6NJ8sZkc24STuhyxD_3fCVaCIxYy4ldkdD5RZoOOdlGHy3WsvwwqvQqmdWJbwYQZKhkeh3cUgy1Oir-_bnpG1AKNc_jI7MkkNZeSdsAhe9vtmJ6Gap_eQXvGmI8CMDV7OJXj6FSWCGZn-rajOJye-HYG1aKJi5KSUxWxIukU3hoMTySbOvmD4Vg_-PHwGvBIMgWzbHB9vXaZ97Y-DSa3uKVnJLIyCf4aVqruFmig6SPhTdMc4ubeFLlyfgJzHyTOUdN7IgxV5tPbyBqRptpcSITWUhfwkVGmPK_nBmyn9r46EdNxscmZ29UXQ8-og0Zlq9b4aMh8NOo5PyNI-RDqq5qW7fcD5X3ncUl5Vw0DISJKmFlX7IQAu-Jl8N65V8cXwGMnHcyBRqqRrmmTUsCywbVO6Zy4roZE-ppMVDK6wkARmr6hqpsS0r8qtr4MLeQb-9ec1LKeXIuQKDQTu_NO_F-6k2PpuacrojsZoL2Zu4Jf8pQHoReOU2WISQEgb-y76Guq6-i297NermuY_IQyA9tjJUTUlCNmz63bDz31Nislh3P1b72ZbY_1JqaUv0KR7Ydr3GBxsK1kJrj4XilJ1P7gVhoINJwIJvW6db2qaMjeoWXD3h8WbjnUyDtEo_9exWt9bLsZPj7NdVgiJPKF_jUBuYMqgkcYR9xMRAbX3QCVwdbuQEpXncJu0rKJ7y2BXo_ADtlhPbopMzoFdBXEA7MDZC5Us7F8RENUfavCHXffCQt96_LjyaNKiEzx37szWM8y4FBPo-6HbOK2DkIrJJT2A0fQQQ-8omqtqnT3oZrxokee60_QnD_BwbZzjm-Cv_4qv_vT-8sgfdXxCIRKJmEwj8Ta2T-B-_eJtZ3i3lqshR2yxRE8YKe2Jki9rpZ6Ev-M2ijBhATBqb-SaSvhZmMPFKi3tsyaw3yIbxUgCu-6IGGGxLkIc5K6gMTQ3Ox-qgmTnAnBanUP_BrTh401JPPnLUE_yvm2zSCbqEcez-FsCfEVFWIP3a8vHuKSJNZnjSkWovMsDIeUzQnrcdV8zM4m7CYJ80miZmwbBK7q5EfBKOaduOsSO62W7_fv1bkRvx-N8RvOdqvQjRZVXUrUk3RBfA5SdUyPHh7EkdYj4LF2EYyEtE-PvujRPlj4_HlHTklF0fgAyncA4V3hYpb_LnO3QJSiwRcLUL5ZrRKWK9jusC4mudsC9XZTdnaMKSmADeRNiFuU3eZAp-d9lt44GVktBItiwVuCQkbtVpOSesRMt2BBaxRrc8XYsw3yxrJjEl_eYgQz0BptZtUbqnSyrY_rl3lXJq26TWwF-VR5tVQ2KhjX8UVZJ_SXaupaat7t3oO8BJd2Ra5CU0jIjAjlc5UthErEKarRonuzOCurhBttfqnPXaFrVqWeyU2Xe-srhhkY0N6A_YPVomtvrLnR_nfLOv7y9CCfuVC2sSVJNj5Hpu5yEqHyk4PWfUSe4PXFXOq3weAvTz1-e1qGXLzVZj1uAuQuCfPuUHDR9-zurXavNQ1S7rRCXiy1s_5U85MSDwM35CbZdmA8OjtxeZKJhqSgJsbfF_NtzElfWrlp3PSI_EZ_EYrj0rNmb9oSppSVseIS5x7gyVJuwGkjgRJ8ZFTVdTyZMSZFWlpHp6yqBuH9AEu-aJD6oQmXu8UXwm-1nGIzbnANlIpte6-Q78CxLflyif7g6E2KNml3u6OBP9MZcrZJv5_4VNavo1TzDmMa3k5sBn_rC2hO9Y-UU4xC1GlSZtDPTZ5vWkk4BfiCitPc4PzcdqjQLD4u07k-XXOE9MqX21iLKaGXOfMI_fjNmaaT8jg2PP0alfbLAmLoLCQaGVCZieNbLu67uqSznPaJcvxpB_Ls0jRYaYCvOahkmZP3kpK23D6qGAoh_Ljjaql-wnD3aSrmqo_WIrEuVwnMd_Mv30V6A01lpwyAXDZqULnXdGShuT0IonC2UpIh5n26R5hCdylxgq36cdP3DBxy8y9fY9jWPQAgEEEQvhk4yYhqb90Y3UMVsGhioGFP6CjS8mCSIhvpFI8HS7CmMnkZh1scQjGhNp3lyIEbvfH8TOgKi3IwsW80CF5kgli8wVVAUiJpfgS1CVkT2hM17AE6OA_otpSkgnU3s28pK1MN20RzoEoDnmC9pAbce57Kh0e_VrAFT6wIyqr3PJBUVod_7SVp4eQ2sFYq4XAKinebtKytivGx1nk454AEXxQfuNjH-B46goZgythaPrIGVUdKog17m3RKQzq-C29ELG310itIQqsfVb-hQA-eY8MpL-8f3zg8mkMENoNOMI3VL_-0QhK839imydyvr-kO7_FGePTrcq9JX8yljkHh1pUPWSudvBJP7az2_6CsOgAbdFbpfs0ypvQu0z2J_kyVR2ujduWSVhXivb3chBOML39JHArMuWlWZGgWQ72A0rHkidDSh8tdNxU4E8n2Hzf4K6BToDH1TsVbyzAcOp2bYE8bFTEUb8Qwc2baHWuNEoVWsa61oR6l6PjxKepH88IwYdXKVttgBmOIuibDEuG3A9s_rGdbLi9YjBOe7KY2JHX3un2_U8LdzBLD4jdTorMiGElKq0SqcS5SzNIl6MHQgAUn73iAnn_MyNRwoUorGwvyTzLRiOkdjG2Yb6uNZc5Lk0qxn0aDrRdtZpEBUHQWps0HttemLeHYX1aiXJdo9Jgcw2sk4U0V9C-xLQw4b0-uaxkvjwMxdthoGs_ptLfniB98mnQl7mvw&cid=CAASEuRoCanhGbYWkuvlOR3cS7g3Tg&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acf93cbb8374d6da6f1638ddcaaeb935d9195bad22b232c54b468eb81d40a9b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34853
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 3AC6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:34:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AC6 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 3AC6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AC6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BY9aXaIfxrtll65KuZNwATbvlbR4UPtWcrI6Hri8ZduiaZSj4w2BesdIzH62yv5IVl4CYDVsx2uq6Bf9hF1rYsjSxcF07TKENIDiucAB3fhV0SlWk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 9639 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9639 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F01F 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441379&bpp=11&bdt=255&idt=159&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=6603141891572&frm=8&ife=1&pv=2&ga_vid=1281288135.1660279442&ga_sid=1660279442&ga_hid=296753254&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2716994411&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1938943004259031&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.iia5htpsy5v0&fsb=1&dtd=170
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame 749F 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.5.155
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 369C 		668 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F04706a63-c19d-4030-a2be-7cdb146ad00d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQxLCJzaG93X2lkIjoiMDQ3MDZhNjMtYzE5ZC00MDMwLWEyYmUtN2NkYjE0NmFkMDBkIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Db3cfc477defebddaa0f5c79963500259&showId=04706a63-c19d-4030-a2be-7cdb146ad00d&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 12 Aug 2022 04:44:01 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame DB92 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame E87F 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225f9e8eb9-028a-4a7b-b2b7-6430ea96982b%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252204706a63-c19d-4030-a2be-7cdb146ad00d%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 12 Aug 2022 04:44:01 GMT
expires
0
pragma
no-cache
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 291F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968dae8d6a8891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXeeXyCdzKMgFMW21VC%2Ffxm6SLTyV9kEtZYceHQAO9nEmTR0KOl1S8w8FvCX8a9unf5%2BHxiF2HGhu81CWu3ajDfWAFoMTZTpR3GPtrSRVAt4TFqCEj6fJyzKu0FWPUlSA83ZbMkHkRut%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 291F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvXakKiDGI75kSTold2WjQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
73968daf0df28891-LHR
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2xQgaWlWVMQXDuQgLgnaOxcU2UHvDEiJtDaG1ybtDffADM5ldyPCAQzkYfc%2FhTCiK%2BSGnhPvVkoaDWKoWSCp026zjoJHVEE6PJnYYQY34mQPSZMmdXCIXmCdhFbvDsmG0ViUgH9zj8dkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxuiRNho_GtfQoPfHXO-r8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 291F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjpikXBpHFHNi7rIyt3EPc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELjpikXBpHFHNi7rIyt3EPc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9bdd3872-ffdb-42f6-9479-288bd0ea4718
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELjpikXBpHFHNi7rIyt3EPc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 291F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5OTUwOTI0OTgzMzU3NzcwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5OTUwOTI0OTgzMzU3NzcwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNXgYWvXakJVftMJp3kGb-HLrIN2g_DI7is1FwPvaJJV3mVabTpHZRWDnor0pAGC8r91lAskxE4BTysUu-QNBnf6zPhXLzJl0Of9l42U3GkYoW3clhFHeKAfmc7F4KkkMK169SIzJwaa_AcUd9ZyVCSqR4Do1IKnaX6XdUuL1ZGSK4l5u4o
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
14a7453f-56ea-4e76-9cdf-baa26909db72
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc5OTUwOTI0OTgzMzU3NzcwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5DE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmt6XLQ1lCWmaTVNQJyBVY&google_cver=1
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmt6XLQ1lCWmaTVNQJyBVY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmt6XLQ1lCWmaTVNQJyBVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5DE6 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5DE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDJVjqjs_urMDMa6h24-YX4&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDJVjqjs_urMDMa6h24-YX4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Protocol
H2
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 12 Aug 2022 04:44:01 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEDJVjqjs_urMDMa6h24-YX4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5DE6 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNXfPG63RH8pj8R-KlBqZWvI59w2QCerCJTL1y7wANCEZlu-6PoSomwl79UVwU9GEqDqwkZToDDdkqi4fx3PrCxrUHN61wgR_0dDP2jddtq797KY_xIJTappt2gZf1JegTZwzPt9X_Gi3tRri9gcmtl-OSejQNgD-cDkyc4mD1AwDoyPPYw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 12 Aug 2022 04:44:01 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 369C 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F04706a63-c19d-4030-a2be-7cdb146ad00d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDQxLCJzaG93X2lkIjoiMDQ3MDZhNjMtYzE5ZC00MDMwLWEyYmUtN2NkYjE0NmFkMDBkIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Db3cfc477defebddaa0f5c79963500259&showId=04706a63-c19d-4030-a2be-7cdb146ad00d&apuid=5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aca92d7fb026f85e32cb617ec9e27d4fe695b2faf61f7f35232f849bbe6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40611
x-xss-protection
0
server
cafe
etag
78069939461521544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
ptrack
a.audrte.com/ Frame 8D4D 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-08-12T04:44:01.682Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c64b45ae7318ceff7f8b2612651fbc1ad772a33baf4a83a1ab14eb704d50a58c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=2828283966670232&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 288A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=718410753625640&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7500 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 09:05:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 7500 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_qiuvRQRfJ8D-S6w85y-SN3f9QIB0o_zTItqozUInrdig0HmJUvRwI5nHUEbAcJ95mfoA5Fkg9roYLEtFFEd43wEQe8ILhHMDu3OpEeehXaAP6H4_BNN-aDPf5wNDc-nibSeD9d74NPMwcsoyEIKhKUOa6A&dbm_d=AKAmf-CFBf1SQGFaYijQfq8wAbSeDjz1b-udqZU3O_U28jqXWLkVlwvnTmL6du_o-gYqoQZqKVTkvFKxmd63nokIlDEOEg8Ip6yhpq_0vB28gr8O0a-4S9FSBY32LFpN1wmQG0mx-cJOvK8wpubIbn9cDAi-GBLRbowcslndixBkKRa0JNgVyyo5NXumusSJ12NQ1B0sSqhvaLuO7LvP65r_Vb3LZewHFUsjWpXiCWiISUiy0igtk8FKO2_to8CUj0TRcLRq_WG1AJ0I0gNsHue5BU4qiyptTQbqrHaWzf-CP353lVlPw3Ol5VwVm0atnKhhj1vaotaDIiKoAkVKxB_G4QdmxYSak7zixwv_5UaQ7iHil-U07OmwGsjm6XK7bUzKCTgIdeRQn8WWPXe2tRP5XZGPvCaPQ20ARCTW56geU5kYRxFwDJDk6yEM0Zb55NGCMxH-su76trTQuLhfNs5XzJEh-BfTAdfpfpX_WpUP0T0UVaPEc0TlO-W1vfjllrBw6E_Nrxe5TKzc9uaMkr8ckbzsgpvAnH0vyFrBrLeSmBOfyL-GPmCthQwPYi19qDnz1CXSLfv1RG--QtC5jzTly5JlApKOwOBORv193yvf7rfXAxihZ5RiNgEnnpguuDY47gAdN7y12fN4FTnXq-HTrkttsE6xZ5I6g9vFk-glNgykQ1KefpWQmNI4i8HhZOnTnuHMwXMcr-B3V62PzqXZOfmS6jJ0GTuVPolg3SKqgtZFSlwVEFbfan1R8iACM7iDF3btT9I892GpWDsrXnQsmRf2BQASyibcsX6KDQxozEfzRK-WFKgMu159W_9sm4GPEQTszE_8kpCVVL-n7wtcuFmqL0saTx7QK_7yIxqFU2X-6iUnTuhlYxss1VORQlhnSN0jJ1B3tfRN4Ntv6YN43iuxFE08-dfO9DBZyT4JJcHfmsCmvbJtZsdxzVgJk8CbMff0qP8sQ8Mjy2eqhFy16c3Qx6IDZBMhb0N8OX_-Y0a7bsT9Ojrdz1eMnVp8quSQ4O33JKuZz4AnYTNop6HJCLlJqKirArx7Dbx9WeployxvVyG_2NxjkafddkmmOwhZdSGUq59nStou_ZVfAzamjWyzyfS2Ndot-w4j5sC9wR7FHIinFzf9yAqH927jrb8mJsFEaV3AuiFUl6CZ2JY-Didi4MvJoAjVtcME9yItTE7pOvKsXmFge6chalqoznFUu8ejO_RLjj6fDYskbYcJPIzfH8Ik6briaiQP2qEda_hraFWDlaENjsMncI5Wwomy4k_Lv9VlvR_RiJH46FxnSYYlWoiomiLOuJ6kq8Xm7_ySSMQ-jHIxFUPXN5xJ4O-sAJOFDb6lVh8BrD9jBqZ7aV5WfLk0NerlzqsHtXlHVAjpiUiSp0VSAPZXQxpJ5mt8De-VA_EV19nmpCSqKiHYM481e0X8UdI7jCFb6x3-LaaQTioocKH1jJeirK3J6obr_eE7f2BsSUhJJ_XmAtr17JrNWWlgde_Ke2OHaJO7OO61Zwzvb8tWZcev9m8I4bMXJkZp0rdgF7q6qAULw9Q1pZLMkj_vAiXJS1XERIA-8MBP1NcqwWwIhphbGl3QaLG_ThH4di50oKrF_16mRjMYuysP4S4tAXk1c8x_p_fezA_cgUsQNcH2oIiS7xb3BmSzV5QM-GmBBgzSXgdvaSQeFCNbydp9q2TDplqPJSf7XtRU-s7JTa6OEBe4pJ-s3zbfVy6HAxjBy_cvcVF1R-VOV1QgDblic-CMaj0wDsTPi_bSQgMmp5BAzswnypuwBYDqCmPUB0XOGebJuYhs4MavHYnmlm-L_J8hypv7gF-rGvqeK8TRSwEBhq-oO9VhqnxviqBGP3Mq-dGNQDD9h_LKngnkjgqISJ7RzRiHj4umvDQKdq2YYeQkUVm9AwqE6aFZHQRrO6-HsKZ-xpus-ffNLB4-EWYaY5exzBEPokt_aUU5rjHAhCD3yrRZ3bMnUfRmIC_CkCByu5jedf60D47dRuLxANM2fu9OHDg35P3TnMLr5536SpRq4ForVcwQEz5lbFVGl-ZRNy9X2BlFt_gh8OBPeRXK00boy6ySkPMEC149nQmBJytDkeJeV506fJkEpH7ueW_IOAO5Xnxstdm-1uXuiNloF8G1y-Z1mlMko0k_am1I8fzQIZ_k9frG1wFUTOipyLacfqCrGP7Xbyy198DlLMaPHP6kOiLs6bHNHHxf_10SiQQLYJpr-IR16e72aBLYCVESESBS1wbSk7Grq7Obmc_X4CNL2ZiRa_RhEAj2wYVT4BLTAxnT3EcNdSIimlwwG66xnkIU26YWa3QDZVZrUezm3lgcRB72OItrwAh0MRaA1RXyTT5fw7RkmF5TLZwdYjSoqWmO4UnXeHr-c4pI4x6vL_CnxxkwTWWfpoog3_PJ7WzrNaDG6bJvIi7CceftVF4Vki87e5jM7gG28whT5AWDjzGpb6QFjpFhx37dewLyyGV7bRR2HxTGx2q2MC_sIPPq0GER5CLIBBTknv_7Y-hH3gUK8ryHni1jfNnjrokol5hGVfS0FGF8A7d_AgxclED0g1h5a8OmoR7N9B-N58aFLv6cOuokFExjAOCKUwGFX_lI4IlydQ8rHjA73Pg359QTWAoSuKTZNkfdjo55ox9_ByMTjaizgj9aOq_zOBHWw1Xt7Nt3s1vmPwIW6xk605Ejrr8va63tzk6M4mW8X276LxwYuQwD_aBo-nYmDrcuSrDm20im42CmrVH-4_e-xSjJII28LNsj5xrE2ePStJOqplGHfT9ShHhgRC650U-OR67qQYEh73GtuRoqwwhrNs_ymctELXVfRIFX51U2o4XKQynnjk7DWseSaGcyl3r4_utsa6sgbbc96UiOJnzYehmpQdPPBtyTDGicFz5ILzdOPWFFcmDdu-U0sb3gWI2JCExxNVYLsRAE_xCagi_qKkhz4H7zi_W0XXWlnE6BlW5Ohq2J4_Z8Zr4X3tBXsTFBWzdkf0oyhVpDXSM7RK_b8jEAeGt41aRzQgD9PzOkvva6PeWw77TobYFt1fJPSaMxtgb1VBF6K_m_1QLPKGO_0fqh9xRsBMsHQgrhGx4tM0b2tkgHoWbrVQrTMf2owXrrpFO3Gk3aU6LaxoK4PJVod1-ADi5xsgLfyCgXX8U7c8hT_6NkqnvjNswd_l6JjAFFoXo3PQmsAO1YnMWn6VirOvfuL3zNchK8Z-2osUvfw2_wvmQFrlsKFoQOFYQNY9H52AGnX7OMzedB3nuW6Humj2XBXy7G8p1IA5APu8C8GHAANxQgKKtbEV1kGFICsGt87GdkSInvcqoEZ9IRawakEcQ39gZJFjIqJCF638tJlnr1KRHagwjysZYpTsFJGp3UVsh15FCFtHLcOJlrRZRgz1hSIMWWcEKJ8oGhI0B0Vh4hefe0v9W3li2obU1RTsbzvwRLdMYPspAwIbSooEN_hGEPc0uCI2sd_HG1GehU0hTEmjVbTfCq7D0l08FXMst5uDi-V7axCTLdpUB6GoviZh77xqiJgrLFFaWXj3i3uxNjBLbndCIXWpQVDqyxyX8486EgcqEWF4Mg1egesqynhxmR&cid=CAASEuRoBZ5XTc4hrxTHZryz2UFiwg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:03:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 7500 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_qiuvRQRfJ8D-S6w85y-SN3f9QIB0o_zTItqozUInrdig0HmJUvRwI5nHUEbAcJ95mfoA5Fkg9roYLEtFFEd43wEQe8ILhHMDu3OpEeehXaAP6H4_BNN-aDPf5wNDc-nibSeD9d74NPMwcsoyEIKhKUOa6A&dbm_d=AKAmf-CFBf1SQGFaYijQfq8wAbSeDjz1b-udqZU3O_U28jqXWLkVlwvnTmL6du_o-gYqoQZqKVTkvFKxmd63nokIlDEOEg8Ip6yhpq_0vB28gr8O0a-4S9FSBY32LFpN1wmQG0mx-cJOvK8wpubIbn9cDAi-GBLRbowcslndixBkKRa0JNgVyyo5NXumusSJ12NQ1B0sSqhvaLuO7LvP65r_Vb3LZewHFUsjWpXiCWiISUiy0igtk8FKO2_to8CUj0TRcLRq_WG1AJ0I0gNsHue5BU4qiyptTQbqrHaWzf-CP353lVlPw3Ol5VwVm0atnKhhj1vaotaDIiKoAkVKxB_G4QdmxYSak7zixwv_5UaQ7iHil-U07OmwGsjm6XK7bUzKCTgIdeRQn8WWPXe2tRP5XZGPvCaPQ20ARCTW56geU5kYRxFwDJDk6yEM0Zb55NGCMxH-su76trTQuLhfNs5XzJEh-BfTAdfpfpX_WpUP0T0UVaPEc0TlO-W1vfjllrBw6E_Nrxe5TKzc9uaMkr8ckbzsgpvAnH0vyFrBrLeSmBOfyL-GPmCthQwPYi19qDnz1CXSLfv1RG--QtC5jzTly5JlApKOwOBORv193yvf7rfXAxihZ5RiNgEnnpguuDY47gAdN7y12fN4FTnXq-HTrkttsE6xZ5I6g9vFk-glNgykQ1KefpWQmNI4i8HhZOnTnuHMwXMcr-B3V62PzqXZOfmS6jJ0GTuVPolg3SKqgtZFSlwVEFbfan1R8iACM7iDF3btT9I892GpWDsrXnQsmRf2BQASyibcsX6KDQxozEfzRK-WFKgMu159W_9sm4GPEQTszE_8kpCVVL-n7wtcuFmqL0saTx7QK_7yIxqFU2X-6iUnTuhlYxss1VORQlhnSN0jJ1B3tfRN4Ntv6YN43iuxFE08-dfO9DBZyT4JJcHfmsCmvbJtZsdxzVgJk8CbMff0qP8sQ8Mjy2eqhFy16c3Qx6IDZBMhb0N8OX_-Y0a7bsT9Ojrdz1eMnVp8quSQ4O33JKuZz4AnYTNop6HJCLlJqKirArx7Dbx9WeployxvVyG_2NxjkafddkmmOwhZdSGUq59nStou_ZVfAzamjWyzyfS2Ndot-w4j5sC9wR7FHIinFzf9yAqH927jrb8mJsFEaV3AuiFUl6CZ2JY-Didi4MvJoAjVtcME9yItTE7pOvKsXmFge6chalqoznFUu8ejO_RLjj6fDYskbYcJPIzfH8Ik6briaiQP2qEda_hraFWDlaENjsMncI5Wwomy4k_Lv9VlvR_RiJH46FxnSYYlWoiomiLOuJ6kq8Xm7_ySSMQ-jHIxFUPXN5xJ4O-sAJOFDb6lVh8BrD9jBqZ7aV5WfLk0NerlzqsHtXlHVAjpiUiSp0VSAPZXQxpJ5mt8De-VA_EV19nmpCSqKiHYM481e0X8UdI7jCFb6x3-LaaQTioocKH1jJeirK3J6obr_eE7f2BsSUhJJ_XmAtr17JrNWWlgde_Ke2OHaJO7OO61Zwzvb8tWZcev9m8I4bMXJkZp0rdgF7q6qAULw9Q1pZLMkj_vAiXJS1XERIA-8MBP1NcqwWwIhphbGl3QaLG_ThH4di50oKrF_16mRjMYuysP4S4tAXk1c8x_p_fezA_cgUsQNcH2oIiS7xb3BmSzV5QM-GmBBgzSXgdvaSQeFCNbydp9q2TDplqPJSf7XtRU-s7JTa6OEBe4pJ-s3zbfVy6HAxjBy_cvcVF1R-VOV1QgDblic-CMaj0wDsTPi_bSQgMmp5BAzswnypuwBYDqCmPUB0XOGebJuYhs4MavHYnmlm-L_J8hypv7gF-rGvqeK8TRSwEBhq-oO9VhqnxviqBGP3Mq-dGNQDD9h_LKngnkjgqISJ7RzRiHj4umvDQKdq2YYeQkUVm9AwqE6aFZHQRrO6-HsKZ-xpus-ffNLB4-EWYaY5exzBEPokt_aUU5rjHAhCD3yrRZ3bMnUfRmIC_CkCByu5jedf60D47dRuLxANM2fu9OHDg35P3TnMLr5536SpRq4ForVcwQEz5lbFVGl-ZRNy9X2BlFt_gh8OBPeRXK00boy6ySkPMEC149nQmBJytDkeJeV506fJkEpH7ueW_IOAO5Xnxstdm-1uXuiNloF8G1y-Z1mlMko0k_am1I8fzQIZ_k9frG1wFUTOipyLacfqCrGP7Xbyy198DlLMaPHP6kOiLs6bHNHHxf_10SiQQLYJpr-IR16e72aBLYCVESESBS1wbSk7Grq7Obmc_X4CNL2ZiRa_RhEAj2wYVT4BLTAxnT3EcNdSIimlwwG66xnkIU26YWa3QDZVZrUezm3lgcRB72OItrwAh0MRaA1RXyTT5fw7RkmF5TLZwdYjSoqWmO4UnXeHr-c4pI4x6vL_CnxxkwTWWfpoog3_PJ7WzrNaDG6bJvIi7CceftVF4Vki87e5jM7gG28whT5AWDjzGpb6QFjpFhx37dewLyyGV7bRR2HxTGx2q2MC_sIPPq0GER5CLIBBTknv_7Y-hH3gUK8ryHni1jfNnjrokol5hGVfS0FGF8A7d_AgxclED0g1h5a8OmoR7N9B-N58aFLv6cOuokFExjAOCKUwGFX_lI4IlydQ8rHjA73Pg359QTWAoSuKTZNkfdjo55ox9_ByMTjaizgj9aOq_zOBHWw1Xt7Nt3s1vmPwIW6xk605Ejrr8va63tzk6M4mW8X276LxwYuQwD_aBo-nYmDrcuSrDm20im42CmrVH-4_e-xSjJII28LNsj5xrE2ePStJOqplGHfT9ShHhgRC650U-OR67qQYEh73GtuRoqwwhrNs_ymctELXVfRIFX51U2o4XKQynnjk7DWseSaGcyl3r4_utsa6sgbbc96UiOJnzYehmpQdPPBtyTDGicFz5ILzdOPWFFcmDdu-U0sb3gWI2JCExxNVYLsRAE_xCagi_qKkhz4H7zi_W0XXWlnE6BlW5Ohq2J4_Z8Zr4X3tBXsTFBWzdkf0oyhVpDXSM7RK_b8jEAeGt41aRzQgD9PzOkvva6PeWw77TobYFt1fJPSaMxtgb1VBF6K_m_1QLPKGO_0fqh9xRsBMsHQgrhGx4tM0b2tkgHoWbrVQrTMf2owXrrpFO3Gk3aU6LaxoK4PJVod1-ADi5xsgLfyCgXX8U7c8hT_6NkqnvjNswd_l6JjAFFoXo3PQmsAO1YnMWn6VirOvfuL3zNchK8Z-2osUvfw2_wvmQFrlsKFoQOFYQNY9H52AGnX7OMzedB3nuW6Humj2XBXy7G8p1IA5APu8C8GHAANxQgKKtbEV1kGFICsGt87GdkSInvcqoEZ9IRawakEcQ39gZJFjIqJCF638tJlnr1KRHagwjysZYpTsFJGp3UVsh15FCFtHLcOJlrRZRgz1hSIMWWcEKJ8oGhI0B0Vh4hefe0v9W3li2obU1RTsbzvwRLdMYPspAwIbSooEN_hGEPc0uCI2sd_HG1GehU0hTEmjVbTfCq7D0l08FXMst5uDi-V7axCTLdpUB6GoviZh77xqiJgrLFFaWXj3i3uxNjBLbndCIXWpQVDqyxyX8486EgcqEWF4Mg1egesqynhxmR&cid=CAASEuRoBZ5XTc4hrxTHZryz2UFiwg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:26 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame B162 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 75F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=1068919097747722&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Aug 2022 04:44:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3AC6 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 3AC6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhMS01b7E_WIWt3uyryJNstL4vq8lZ4xhdPeBX1fEAzIp-RScNA6_rJylzjyLJcdQlPAGXEOv4C5uN5iHfbQyWZpRMfqM5HAOicIYVZEiIl6FIQsnnP63NpwpQcWp6zkBiOd17yJj8gc1goQ5-d6SHrrwIVw&dbm_d=AKAmf-AMPPcNlUxjX16ugZszu-CL_7bzQ4YEmSl2ZI3sXMVKBJPthsm_z7Y0a7JUCKoy9Qs-RzxKP3j-LrYq5W00Fnfs1F-fHS5C_AadP3z32cTrwj31Ts4AXyarlfwRaZ9FCaNCyo8lW7-GC8i3d7qB2xssWsYIRlP8rGBuwy8r0F7fYOrDtyfog0Y5xySTawvi2DwR-KSNvqLULkxZmPiEDmj0b6bSBjsyee7IqzHpUBDt5CTiyremgqIpv3uB7V5ZMl4B4y0FN9Fgw6ZgtUaUgXnluqxfz_gy_x4WhGUCcE9ip0rxCSeA5pubYtFxE9aJQ1LrNl45sInuz3R9DSkIM_ZloReO-VZVKW-A0niJJ4z0SPO547gok302YRSLdiYKOx6d4SM38fguDUdWxmKQegkcW_UyoJLLkdIfojlIK13pCysEMnHY96BSzjhS5aPHEj90-VE3YHGB5P69YRnldBv6QSt8cTQgMPSsSoLrEqE0wDPYHjaArzvjMeCkj4WQxyf2L9txd4BT3l7vgro9PzUODSZzR_HvHvP9kNFf7Cn4TGUNaDQabfy8gft95GR3cBnSzplpjqNvY0VgpNYkXZQUjjNXa_jfgMLS4zR-wkXiMY6NJ8sZkc24STuhyxD_3fCVaCIxYy4ldkdD5RZoOOdlGHy3WsvwwqvQqmdWJbwYQZKhkeh3cUgy1Oir-_bnpG1AKNc_jI7MkkNZeSdsAhe9vtmJ6Gap_eQXvGmI8CMDV7OJXj6FSWCGZn-rajOJye-HYG1aKJi5KSUxWxIukU3hoMTySbOvmD4Vg_-PHwGvBIMgWzbHB9vXaZ97Y-DSa3uKVnJLIyCf4aVqruFmig6SPhTdMc4ubeFLlyfgJzHyTOUdN7IgxV5tPbyBqRptpcSITWUhfwkVGmPK_nBmyn9r46EdNxscmZ29UXQ8-og0Zlq9b4aMh8NOo5PyNI-RDqq5qW7fcD5X3ncUl5Vw0DISJKmFlX7IQAu-Jl8N65V8cXwGMnHcyBRqqRrmmTUsCywbVO6Zy4roZE-ppMVDK6wkARmr6hqpsS0r8qtr4MLeQb-9ec1LKeXIuQKDQTu_NO_F-6k2PpuacrojsZoL2Zu4Jf8pQHoReOU2WISQEgb-y76Guq6-i297NermuY_IQyA9tjJUTUlCNmz63bDz31Nislh3P1b72ZbY_1JqaUv0KR7Ydr3GBxsK1kJrj4XilJ1P7gVhoINJwIJvW6db2qaMjeoWXD3h8WbjnUyDtEo_9exWt9bLsZPj7NdVgiJPKF_jUBuYMqgkcYR9xMRAbX3QCVwdbuQEpXncJu0rKJ7y2BXo_ADtlhPbopMzoFdBXEA7MDZC5Us7F8RENUfavCHXffCQt96_LjyaNKiEzx37szWM8y4FBPo-6HbOK2DkIrJJT2A0fQQQ-8omqtqnT3oZrxokee60_QnD_BwbZzjm-Cv_4qv_vT-8sgfdXxCIRKJmEwj8Ta2T-B-_eJtZ3i3lqshR2yxRE8YKe2Jki9rpZ6Ev-M2ijBhATBqb-SaSvhZmMPFKi3tsyaw3yIbxUgCu-6IGGGxLkIc5K6gMTQ3Ox-qgmTnAnBanUP_BrTh401JPPnLUE_yvm2zSCbqEcez-FsCfEVFWIP3a8vHuKSJNZnjSkWovMsDIeUzQnrcdV8zM4m7CYJ80miZmwbBK7q5EfBKOaduOsSO62W7_fv1bkRvx-N8RvOdqvQjRZVXUrUk3RBfA5SdUyPHh7EkdYj4LF2EYyEtE-PvujRPlj4_HlHTklF0fgAyncA4V3hYpb_LnO3QJSiwRcLUL5ZrRKWK9jusC4mudsC9XZTdnaMKSmADeRNiFuU3eZAp-d9lt44GVktBItiwVuCQkbtVpOSesRMt2BBaxRrc8XYsw3yxrJjEl_eYgQz0BptZtUbqnSyrY_rl3lXJq26TWwF-VR5tVQ2KhjX8UVZJ_SXaupaat7t3oO8BJd2Ra5CU0jIjAjlc5UthErEKarRonuzOCurhBttfqnPXaFrVqWeyU2Xe-srhhkY0N6A_YPVomtvrLnR_nfLOv7y9CCfuVC2sSVJNj5Hpu5yEqHyk4PWfUSe4PXFXOq3weAvTz1-e1qGXLzVZj1uAuQuCfPuUHDR9-zurXavNQ1S7rRCXiy1s_5U85MSDwM35CbZdmA8OjtxeZKJhqSgJsbfF_NtzElfWrlp3PSI_EZ_EYrj0rNmb9oSppSVseIS5x7gyVJuwGkjgRJ8ZFTVdTyZMSZFWlpHp6yqBuH9AEu-aJD6oQmXu8UXwm-1nGIzbnANlIpte6-Q78CxLflyif7g6E2KNml3u6OBP9MZcrZJv5_4VNavo1TzDmMa3k5sBn_rC2hO9Y-UU4xC1GlSZtDPTZ5vWkk4BfiCitPc4PzcdqjQLD4u07k-XXOE9MqX21iLKaGXOfMI_fjNmaaT8jg2PP0alfbLAmLoLCQaGVCZieNbLu67uqSznPaJcvxpB_Ls0jRYaYCvOahkmZP3kpK23D6qGAoh_Ljjaql-wnD3aSrmqo_WIrEuVwnMd_Mv30V6A01lpwyAXDZqULnXdGShuT0IonC2UpIh5n26R5hCdylxgq36cdP3DBxy8y9fY9jWPQAgEEEQvhk4yYhqb90Y3UMVsGhioGFP6CjS8mCSIhvpFI8HS7CmMnkZh1scQjGhNp3lyIEbvfH8TOgKi3IwsW80CF5kgli8wVVAUiJpfgS1CVkT2hM17AE6OA_otpSkgnU3s28pK1MN20RzoEoDnmC9pAbce57Kh0e_VrAFT6wIyqr3PJBUVod_7SVp4eQ2sFYq4XAKinebtKytivGx1nk454AEXxQfuNjH-B46goZgythaPrIGVUdKog17m3RKQzq-C29ELG310itIQqsfVb-hQA-eY8MpL-8f3zg8mkMENoNOMI3VL_-0QhK839imydyvr-kO7_FGePTrcq9JX8yljkHh1pUPWSudvBJP7az2_6CsOgAbdFbpfs0ypvQu0z2J_kyVR2ujduWSVhXivb3chBOML39JHArMuWlWZGgWQ72A0rHkidDSh8tdNxU4E8n2Hzf4K6BToDH1TsVbyzAcOp2bYE8bFTEUb8Qwc2baHWuNEoVWsa61oR6l6PjxKepH88IwYdXKVttgBmOIuibDEuG3A9s_rGdbLi9YjBOe7KY2JHX3un2_U8LdzBLD4jdTorMiGElKq0SqcS5SzNIl6MHQgAUn73iAnn_MyNRwoUorGwvyTzLRiOkdjG2Yb6uNZc5Lk0qxn0aDrRdtZpEBUHQWps0HttemLeHYX1aiXJdo9Jgcw2sk4U0V9C-xLQw4b0-uaxkvjwMxdthoGs_ptLfniB98mnQl7mvw&cid=CAASEuRoCanhGbYWkuvlOR3cS7g3Tg&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:03:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 3AC6 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhMS01b7E_WIWt3uyryJNstL4vq8lZ4xhdPeBX1fEAzIp-RScNA6_rJylzjyLJcdQlPAGXEOv4C5uN5iHfbQyWZpRMfqM5HAOicIYVZEiIl6FIQsnnP63NpwpQcWp6zkBiOd17yJj8gc1goQ5-d6SHrrwIVw&dbm_d=AKAmf-AMPPcNlUxjX16ugZszu-CL_7bzQ4YEmSl2ZI3sXMVKBJPthsm_z7Y0a7JUCKoy9Qs-RzxKP3j-LrYq5W00Fnfs1F-fHS5C_AadP3z32cTrwj31Ts4AXyarlfwRaZ9FCaNCyo8lW7-GC8i3d7qB2xssWsYIRlP8rGBuwy8r0F7fYOrDtyfog0Y5xySTawvi2DwR-KSNvqLULkxZmPiEDmj0b6bSBjsyee7IqzHpUBDt5CTiyremgqIpv3uB7V5ZMl4B4y0FN9Fgw6ZgtUaUgXnluqxfz_gy_x4WhGUCcE9ip0rxCSeA5pubYtFxE9aJQ1LrNl45sInuz3R9DSkIM_ZloReO-VZVKW-A0niJJ4z0SPO547gok302YRSLdiYKOx6d4SM38fguDUdWxmKQegkcW_UyoJLLkdIfojlIK13pCysEMnHY96BSzjhS5aPHEj90-VE3YHGB5P69YRnldBv6QSt8cTQgMPSsSoLrEqE0wDPYHjaArzvjMeCkj4WQxyf2L9txd4BT3l7vgro9PzUODSZzR_HvHvP9kNFf7Cn4TGUNaDQabfy8gft95GR3cBnSzplpjqNvY0VgpNYkXZQUjjNXa_jfgMLS4zR-wkXiMY6NJ8sZkc24STuhyxD_3fCVaCIxYy4ldkdD5RZoOOdlGHy3WsvwwqvQqmdWJbwYQZKhkeh3cUgy1Oir-_bnpG1AKNc_jI7MkkNZeSdsAhe9vtmJ6Gap_eQXvGmI8CMDV7OJXj6FSWCGZn-rajOJye-HYG1aKJi5KSUxWxIukU3hoMTySbOvmD4Vg_-PHwGvBIMgWzbHB9vXaZ97Y-DSa3uKVnJLIyCf4aVqruFmig6SPhTdMc4ubeFLlyfgJzHyTOUdN7IgxV5tPbyBqRptpcSITWUhfwkVGmPK_nBmyn9r46EdNxscmZ29UXQ8-og0Zlq9b4aMh8NOo5PyNI-RDqq5qW7fcD5X3ncUl5Vw0DISJKmFlX7IQAu-Jl8N65V8cXwGMnHcyBRqqRrmmTUsCywbVO6Zy4roZE-ppMVDK6wkARmr6hqpsS0r8qtr4MLeQb-9ec1LKeXIuQKDQTu_NO_F-6k2PpuacrojsZoL2Zu4Jf8pQHoReOU2WISQEgb-y76Guq6-i297NermuY_IQyA9tjJUTUlCNmz63bDz31Nislh3P1b72ZbY_1JqaUv0KR7Ydr3GBxsK1kJrj4XilJ1P7gVhoINJwIJvW6db2qaMjeoWXD3h8WbjnUyDtEo_9exWt9bLsZPj7NdVgiJPKF_jUBuYMqgkcYR9xMRAbX3QCVwdbuQEpXncJu0rKJ7y2BXo_ADtlhPbopMzoFdBXEA7MDZC5Us7F8RENUfavCHXffCQt96_LjyaNKiEzx37szWM8y4FBPo-6HbOK2DkIrJJT2A0fQQQ-8omqtqnT3oZrxokee60_QnD_BwbZzjm-Cv_4qv_vT-8sgfdXxCIRKJmEwj8Ta2T-B-_eJtZ3i3lqshR2yxRE8YKe2Jki9rpZ6Ev-M2ijBhATBqb-SaSvhZmMPFKi3tsyaw3yIbxUgCu-6IGGGxLkIc5K6gMTQ3Ox-qgmTnAnBanUP_BrTh401JPPnLUE_yvm2zSCbqEcez-FsCfEVFWIP3a8vHuKSJNZnjSkWovMsDIeUzQnrcdV8zM4m7CYJ80miZmwbBK7q5EfBKOaduOsSO62W7_fv1bkRvx-N8RvOdqvQjRZVXUrUk3RBfA5SdUyPHh7EkdYj4LF2EYyEtE-PvujRPlj4_HlHTklF0fgAyncA4V3hYpb_LnO3QJSiwRcLUL5ZrRKWK9jusC4mudsC9XZTdnaMKSmADeRNiFuU3eZAp-d9lt44GVktBItiwVuCQkbtVpOSesRMt2BBaxRrc8XYsw3yxrJjEl_eYgQz0BptZtUbqnSyrY_rl3lXJq26TWwF-VR5tVQ2KhjX8UVZJ_SXaupaat7t3oO8BJd2Ra5CU0jIjAjlc5UthErEKarRonuzOCurhBttfqnPXaFrVqWeyU2Xe-srhhkY0N6A_YPVomtvrLnR_nfLOv7y9CCfuVC2sSVJNj5Hpu5yEqHyk4PWfUSe4PXFXOq3weAvTz1-e1qGXLzVZj1uAuQuCfPuUHDR9-zurXavNQ1S7rRCXiy1s_5U85MSDwM35CbZdmA8OjtxeZKJhqSgJsbfF_NtzElfWrlp3PSI_EZ_EYrj0rNmb9oSppSVseIS5x7gyVJuwGkjgRJ8ZFTVdTyZMSZFWlpHp6yqBuH9AEu-aJD6oQmXu8UXwm-1nGIzbnANlIpte6-Q78CxLflyif7g6E2KNml3u6OBP9MZcrZJv5_4VNavo1TzDmMa3k5sBn_rC2hO9Y-UU4xC1GlSZtDPTZ5vWkk4BfiCitPc4PzcdqjQLD4u07k-XXOE9MqX21iLKaGXOfMI_fjNmaaT8jg2PP0alfbLAmLoLCQaGVCZieNbLu67uqSznPaJcvxpB_Ls0jRYaYCvOahkmZP3kpK23D6qGAoh_Ljjaql-wnD3aSrmqo_WIrEuVwnMd_Mv30V6A01lpwyAXDZqULnXdGShuT0IonC2UpIh5n26R5hCdylxgq36cdP3DBxy8y9fY9jWPQAgEEEQvhk4yYhqb90Y3UMVsGhioGFP6CjS8mCSIhvpFI8HS7CmMnkZh1scQjGhNp3lyIEbvfH8TOgKi3IwsW80CF5kgli8wVVAUiJpfgS1CVkT2hM17AE6OA_otpSkgnU3s28pK1MN20RzoEoDnmC9pAbce57Kh0e_VrAFT6wIyqr3PJBUVod_7SVp4eQ2sFYq4XAKinebtKytivGx1nk454AEXxQfuNjH-B46goZgythaPrIGVUdKog17m3RKQzq-C29ELG310itIQqsfVb-hQA-eY8MpL-8f3zg8mkMENoNOMI3VL_-0QhK839imydyvr-kO7_FGePTrcq9JX8yljkHh1pUPWSudvBJP7az2_6CsOgAbdFbpfs0ypvQu0z2J_kyVR2ujduWSVhXivb3chBOML39JHArMuWlWZGgWQ72A0rHkidDSh8tdNxU4E8n2Hzf4K6BToDH1TsVbyzAcOp2bYE8bFTEUb8Qwc2baHWuNEoVWsa61oR6l6PjxKepH88IwYdXKVttgBmOIuibDEuG3A9s_rGdbLi9YjBOe7KY2JHX3un2_U8LdzBLD4jdTorMiGElKq0SqcS5SzNIl6MHQgAUn73iAnn_MyNRwoUorGwvyTzLRiOkdjG2Yb6uNZc5Lk0qxn0aDrRdtZpEBUHQWps0HttemLeHYX1aiXJdo9Jgcw2sk4U0V9C-xLQw4b0-uaxkvjwMxdthoGs_ptLfniB98mnQl7mvw&cid=CAASEuRoCanhGbYWkuvlOR3cS7g3Tg&rfl=3%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:26 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame F52B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxqqGwm6RsISAw6fGLVHX1BvTeoJlsWns5NEDDQtxhLNafHX88vrZUh5b_4FAXt6Lz4ri5PB6jH1SokQW8c6Uju7MFN3-ECfJ45GcYM-f-y5-21Hc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 98AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:34:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98AD 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 98AD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:19 GMT
l
www.google.com/ads/measurement/ Frame 98AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgrA09HWyvES7NskoKp8f7iiOUoJ4sEpfLEc8Nj3i_1Gu7DWT-cjWcDAdEa8wT9lGXeOWYNv83LIhvZDdhmcRmkLi29w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame C9FA 		466 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNVx3qEq-XZJFrdq4AzZ2PO5hfymXFTa8xSqxqXZoc8mYM3t4dqdwqIvH-gvIN__ZhDbWMHeFz7LZoDwvoGBPIf78oBLr_6e6D8hrbIDSaLn46l6SRY9woUh-VWsPtJn3hLZr5vRXDU1OpfH37Nvy7jcuVPNsPZk1QIXDycIwm_7ziAMhAk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 98AD 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp5k9vOvmhy6F7Cdi0mkvlBN912tzEaLpIma-kPGXDuG_kEgp9K6Pvma24nzZRWCwun9PSB_pRcGR15BSYX5ybyXm2cm6qw6sDwQ4z2T6o7SF22N7RUz59-xivk0YPw3pTrhqAu3BCwg8OuwM1i9DKZePSjw&dbm_d=AKAmf-DH-tgf49nii6ELay0ab-bNjB8MOUf0jMbGj7n82LBslHsqdl2jUPpAaVoaSBfViTdZcatzZ3lS7XQuaeVoX0T6LUhNUV8gE7gE1k_n4B8uXS7qXjSnn6p5ydeCsotcv73XRoTj1xW7-LUzDXNCp5urDZ2EiA1J9Pkzirts3tQRPB4YLFPLzJaKSrhzh58Wd7_oZcjlIK4eKcHjmhN7MJT3HEBHeZSj7bjXGzu5bQOt_eF6c3ET6cLsi18u7Hyta9ownBPtY_pQcD4yw6k_5IZSoP2EHrdimgWghEbqFE5OElxcHCnwaSMBfxizMiA8wghXpnIYhhwPICiqE8buPde1Dud6Sg4XuregGPUo32-svmsY2Gob9B3MW7excjWmwm8iFR8HDRc8bIzDTJ0tpY1YsdTzxqA1a7qhKUonIeV3rGpPxdTk3mAT3Q_lp6Z2bbk6A4ajMC9KuE2HHy3IL4BBslTo-1s3zZgqexpsOaB8WGibxPEKlLWKHVbAkfqgKm4iw6mHbHdCTMgRmNhwIpV68_pmnsO0Hl5btm1c48gs3oWSDIl6zGg9uSZOHFW11L_a9qmuNMggEtV6dnAWPlwU8xdvhwSBTdLQ7x12Nc2ZOSPURh6kOMmbtNiMiX2AgqEbKqzk5laM15o_Ppcgnufl_cnynxZAtrpvVEpKLn8EXO08siDYv8T3YorFmjw7vVgsnvyCGtMBF_QTE8wgOIdSmKWiDuUdaf4et8jEYUBtwhrfMkUjJ37h2P5aXpJWpfeDlRhKJtwbhbzuIYfEbF0rnFmVsbpt1A-Uz5x_TobBgR8SOPZmf-AcIRFGbdsOd75rUydL5tAi-fhfd9xrswXXxx6UmPKAwLSDMxVkYj6LB_OHauWn8iCysEVW2uU0Lqcpa8lwmRf-BW4bdg249nYv9pp8HG7RWyPMUb1VvWWtwz6vOdhW_-sQC937thr-frMUg2N4l_3zpAxWjg6lwYua2RWr8VI2HEtf05jioJq70nltodlH4ZkcT4wdV_AFQDD-dtAn6qlKbA4EMOnKqlfujZtkTuhvQp_Eo2yveH1kYaQq2TTcUu6W5yHBVfjtYQWYJwbtS25DAqx3X4HyFPDqfy0yk82_8lrIdIxc1WpJ0rio3VUBQYVpsHc3tP_M-76Fui7909J6uou6VF7lp8sKAKJJvzmaSnBIdqJpFRga0YN5dljzR4WpbSw5tLTXnrHaAyc5uZIhZCk3LGhgXvtzdNr4ZtQwS-UKFZAdWV9W4ZZEeQWcHf9oQ788jGJ_f_puuyPw2Psi50FYB2MAlVSMztMjKjWx8XYryvor_uTWCjFos1yIn79YALq_4KVyd7Z2yD0e8iJmiCfYFad0UIWtxBW3RNZhtpih2u3sEMRWB4pbOg-7IJRpSItVF27E7b6fldVr-tFDp2YOBqe4xaNf3X_k8F2ojPMA__URG_DeRcBvWgyiZZ9KPxrK1RiHv5xWEpBuzNZNqOTw69QvwZEbkNcTsilgOtGUMTlg_Qb4LqbnJwgW4NB9qGkoHIzDMFTggXX4x0aKhQQjd6CeoJCGPIVGscWQVlyIHblJHtLcYgCs47IfsMwepFSduuBELgj4cTU_oNPUBxOn920X2a3SNHzBq2n2a_UiSkRX5PXMxPi-Gjg81JFS9s2wsuCss-ZRIuLN0fw3RvushQK2n-ukg_C8YGcizLBPW1acHw5mdlwx0ntfkA5cvEeMR6ZOgqOM4HM_6rNZB77Bxh2y_IGUI0kGXONZy5e65upmKOD-b-xW29Egj_tE5TziV8daH1whpQDgr1FBZ5dVZD1OD4O2R7u92m91tY7T8TABt2B_L7nMp-AH9dYgkEWUmMwDgDhRsV8HTkmAOInTB4_74AZ1tets-ip5HbgnhYCIFTXxNI5v9UzdZ4vt9zMobMZ7t1YNi9c2L8RfBqWfE8DcI4sqA0dhIyHZ3qd7bNzNvEJpY09btM44Z2DjfvWx_2LN2l-5G60NaJS6jynM3APO2PFqyz3His9J0LV-SlZaYaIqHj-dXC0WoJYJMGj63j5_Iva_aBjUYuqMqfPvVlcOEwn8Mz6v5WdIMYpzOttVKMiKkmxoDK_yN_gpFeq0DmQWLPHJ3kUNpRy6N2mO6NmJ_ScdOOTDgbmayWGsAOlO3B97vxlFtKb21hhERXbzBzrcrfQZr9jw21Q2uweffCKWYGNnbs7CFnxGksekkpqJ_SGYNAh0fiqGSo69QO4d-B2Na5TCCqDHeU_Zvm21EL5CduHIGDSONmtvMyYQJHKzvMq-IXoPw9cgL9qJC0gFYQ1cGlgtxcQsqdFkPMzPwXWWMrYxw8wxStzDoi07jjfZlpd9V0FjNi_80dPaIcsSjM0_L-JHdX0YiEWjNJ7skwmcZ8itkl9t9f8acCtE9st7YoUm47q2e7JVMfXIbsYpCvsdQwfLAALArFLr5TSZZUmQmSWhpB6FFaC_0DoOBpDVabnWDCYlndJ3YcHLkLUDABXmoG0HfImpvzfZYNePjQiRpgOlMAKGWhFYxFV8SA4R-Ei5dFOqVfYRuy08lM8AsWtAqI20JaDUIRY8OBQQU5FAOWmFvBW6hr67f07ctna76D0KIRMM9u2dy2odrcmRpT5UZ7uSALaZBAUGkHqAoYXVeSmeADctSZtWCx7Ix1yGCAxipE35b1UNBsDQHadZ6dPcUTWj3yyKFXmQGp597WS5tFNV_l2g3eeT-SfcaoBaJshQdm3HgvhLqwOYdOT4Uf47aMHLshVIu3vFcPtKeTKYVAWFwVa1OJE8QH-znYrCQH040XqUbAKbBphqweBqP0BHDaEck7kUJq-SyUdb9AaE3339uOBdsqgkZnHIKdsytGZSUdvEuNOX3EJUfPgw3f8VR-o8qM4SRTn7kOBilHE8DjdIyiXgq5qGrvtdFR3ErMI15NfM2alcrbnVaOGzDXlwpX2CCy4x_bKLHq2IKqO4OpIH7H0AqofkFKUOhPBe8ER3lG5hskfTo3vUNVPRMuZmMDTBcp4TkWQCBhWgCzo0CArK_JUl1Wg7AMxWyTTf5azjJSYOS9AVjit_eT0TwXgyqWezmy_BXmrZ0_fXPD9IyHEkEfjJTvT3CYNMplbMFsJI_OHNb0f6PH7BsstDGf5zYw7OH_e5m2LU-MANK7jIYvc5UjXA7zsvsHxSwxBwj8zuFBhYPLdsyCgxaaRIPkB0RrXrq8pBj3ga1JQXeYfRMOcFfueFO7VeAJiCJQBnGHTAqPTlqD_uFwNtmrLbt2PbDbVJOKx6rNhZyjPtdb0i-VCUxYU2aTsh1DciN13eAhOOfg6ZJZ7tsZFN4Yg9pAGUw7D6pVoe6ZHuyXDSoI8n2L9OF9R90goYNohntooj_T2m0G6CBUJGHE8zII1qo4OYabzShHqG0yBmicMIfiu_hSiWfIKfpk4O0rxiXPY56jH_owyAmlUvwlH9yoe01QPtRV4s_YgXKyvry-ubAZjZj4rrUI3Py1piz09hc08_TJtLDOhPq7QuKhFD1zu_PjzSfwdrlf1tliptB4dRqYa4bEOOeK5LBarKb6_NpudVEjRL7eCDD_AckJOP60WciAXQMoDeaPbqG0BXIGlc9zOftl7CG_bSeg&cid=CAASEuRorZCX8T_c1SruUtDM2-LKqQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
946b9cc8ac7550a7ffe8d1e7b55ac8a8781f8f27e90236927ecc4de6fc668748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34196
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ Frame 369C 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9215499e277596ed1b47a2a25a63eaf612691ae1879b7d4dee8dabcda88a697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122751
x-xss-protection
0
server
cafe
etag
9430087952724018177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Aug 2022 04:44:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7500 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 16:26:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 39C2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Fri, 12 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3AC6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 16:26:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 43B4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Fri, 12 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame C9FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1&__user_check__=1&sync_id=63a7dcb9-19f9-11ed-929e-1a7cb9e30206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1&__user_check__=1&sync_id=63a7dcb9-19f9-11ed-929e-1a7cb9e30206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNVx3qEq-XZJFrdq4AzZ2PO5hfymXFTa8xSqxqXZoc8mYM3t4dqdwqIvH-gvIN__ZhDbWMHeFz7LZoDwvoGBPIf78oBLr_6e6D8hrbIDSaLn46l6SRY9woUh-VWsPtJn3hLZr5vRXDU1OpfH37Nvy7jcuVPNsPZk1QIXDycIwm_7ziAMhAk
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
118
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEDmav9T-r49XS59or3ioT7w&google_cver=1&__user_check__=1&sync_id=63a7dcb9-19f9-11ed-929e-1a7cb9e30206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
22
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C9FA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjNhN2RjODItMTlmOS0xMWVkLTkyOWUtMWE3Y2I5ZTMwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjNhN2RjODItMTlmOS0xMWVkLTkyOWUtMWE3Y2I5ZTMwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNVx3qEq-XZJFrdq4AzZ2PO5hfymXFTa8xSqxqXZoc8mYM3t4dqdwqIvH-gvIN__ZhDbWMHeFz7LZoDwvoGBPIf78oBLr_6e6D8hrbIDSaLn46l6SRY9woUh-VWsPtJn3hLZr5vRXDU1OpfH37Nvy7jcuVPNsPZk1QIXDycIwm_7ziAMhAk
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NjNhN2RjODItMTlmOS0xMWVkLTkyOWUtMWE3Y2I5ZTMwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C9FA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lRUpmR2x0RTJ1RXZhN3kzTm1WNThQT0U0X1REZmVHbH5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lRUpmR2x0RTJ1RXZhN3kzTm1WNThQT0U0X1REZmVHbH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNVx3qEq-XZJFrdq4AzZ2PO5hfymXFTa8xSqxqXZoc8mYM3t4dqdwqIvH-gvIN__ZhDbWMHeFz7LZoDwvoGBPIf78oBLr_6e6D8hrbIDSaLn46l6SRY9woUh-VWsPtJn3hLZr5vRXDU1OpfH37Nvy7jcuVPNsPZk1QIXDycIwm_7ziAMhAk
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lRUpmR2x0RTJ1RXZhN3kzTm1WNThQT0U0X1REZmVHbH5B
date
Fri, 12 Aug 2022 04:44:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame 3AC6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
394d5d616b042d29e9a9f5b1bc9ef746b0d60cda23c7267dee55bf72fc46035b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
p
a.audrte.com/ Frame 8D4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 8D4D
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 8D4D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2507871231717652556
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ptrack
a.audrte.com/ Frame 4504 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-08-12T04:44:01.940Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f2317be12e42eadd16e06351f8ee84c25a82c8b1811df6159fd499d8133ef81a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 98AD 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 09:05:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 98AD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp5k9vOvmhy6F7Cdi0mkvlBN912tzEaLpIma-kPGXDuG_kEgp9K6Pvma24nzZRWCwun9PSB_pRcGR15BSYX5ybyXm2cm6qw6sDwQ4z2T6o7SF22N7RUz59-xivk0YPw3pTrhqAu3BCwg8OuwM1i9DKZePSjw&dbm_d=AKAmf-DH-tgf49nii6ELay0ab-bNjB8MOUf0jMbGj7n82LBslHsqdl2jUPpAaVoaSBfViTdZcatzZ3lS7XQuaeVoX0T6LUhNUV8gE7gE1k_n4B8uXS7qXjSnn6p5ydeCsotcv73XRoTj1xW7-LUzDXNCp5urDZ2EiA1J9Pkzirts3tQRPB4YLFPLzJaKSrhzh58Wd7_oZcjlIK4eKcHjmhN7MJT3HEBHeZSj7bjXGzu5bQOt_eF6c3ET6cLsi18u7Hyta9ownBPtY_pQcD4yw6k_5IZSoP2EHrdimgWghEbqFE5OElxcHCnwaSMBfxizMiA8wghXpnIYhhwPICiqE8buPde1Dud6Sg4XuregGPUo32-svmsY2Gob9B3MW7excjWmwm8iFR8HDRc8bIzDTJ0tpY1YsdTzxqA1a7qhKUonIeV3rGpPxdTk3mAT3Q_lp6Z2bbk6A4ajMC9KuE2HHy3IL4BBslTo-1s3zZgqexpsOaB8WGibxPEKlLWKHVbAkfqgKm4iw6mHbHdCTMgRmNhwIpV68_pmnsO0Hl5btm1c48gs3oWSDIl6zGg9uSZOHFW11L_a9qmuNMggEtV6dnAWPlwU8xdvhwSBTdLQ7x12Nc2ZOSPURh6kOMmbtNiMiX2AgqEbKqzk5laM15o_Ppcgnufl_cnynxZAtrpvVEpKLn8EXO08siDYv8T3YorFmjw7vVgsnvyCGtMBF_QTE8wgOIdSmKWiDuUdaf4et8jEYUBtwhrfMkUjJ37h2P5aXpJWpfeDlRhKJtwbhbzuIYfEbF0rnFmVsbpt1A-Uz5x_TobBgR8SOPZmf-AcIRFGbdsOd75rUydL5tAi-fhfd9xrswXXxx6UmPKAwLSDMxVkYj6LB_OHauWn8iCysEVW2uU0Lqcpa8lwmRf-BW4bdg249nYv9pp8HG7RWyPMUb1VvWWtwz6vOdhW_-sQC937thr-frMUg2N4l_3zpAxWjg6lwYua2RWr8VI2HEtf05jioJq70nltodlH4ZkcT4wdV_AFQDD-dtAn6qlKbA4EMOnKqlfujZtkTuhvQp_Eo2yveH1kYaQq2TTcUu6W5yHBVfjtYQWYJwbtS25DAqx3X4HyFPDqfy0yk82_8lrIdIxc1WpJ0rio3VUBQYVpsHc3tP_M-76Fui7909J6uou6VF7lp8sKAKJJvzmaSnBIdqJpFRga0YN5dljzR4WpbSw5tLTXnrHaAyc5uZIhZCk3LGhgXvtzdNr4ZtQwS-UKFZAdWV9W4ZZEeQWcHf9oQ788jGJ_f_puuyPw2Psi50FYB2MAlVSMztMjKjWx8XYryvor_uTWCjFos1yIn79YALq_4KVyd7Z2yD0e8iJmiCfYFad0UIWtxBW3RNZhtpih2u3sEMRWB4pbOg-7IJRpSItVF27E7b6fldVr-tFDp2YOBqe4xaNf3X_k8F2ojPMA__URG_DeRcBvWgyiZZ9KPxrK1RiHv5xWEpBuzNZNqOTw69QvwZEbkNcTsilgOtGUMTlg_Qb4LqbnJwgW4NB9qGkoHIzDMFTggXX4x0aKhQQjd6CeoJCGPIVGscWQVlyIHblJHtLcYgCs47IfsMwepFSduuBELgj4cTU_oNPUBxOn920X2a3SNHzBq2n2a_UiSkRX5PXMxPi-Gjg81JFS9s2wsuCss-ZRIuLN0fw3RvushQK2n-ukg_C8YGcizLBPW1acHw5mdlwx0ntfkA5cvEeMR6ZOgqOM4HM_6rNZB77Bxh2y_IGUI0kGXONZy5e65upmKOD-b-xW29Egj_tE5TziV8daH1whpQDgr1FBZ5dVZD1OD4O2R7u92m91tY7T8TABt2B_L7nMp-AH9dYgkEWUmMwDgDhRsV8HTkmAOInTB4_74AZ1tets-ip5HbgnhYCIFTXxNI5v9UzdZ4vt9zMobMZ7t1YNi9c2L8RfBqWfE8DcI4sqA0dhIyHZ3qd7bNzNvEJpY09btM44Z2DjfvWx_2LN2l-5G60NaJS6jynM3APO2PFqyz3His9J0LV-SlZaYaIqHj-dXC0WoJYJMGj63j5_Iva_aBjUYuqMqfPvVlcOEwn8Mz6v5WdIMYpzOttVKMiKkmxoDK_yN_gpFeq0DmQWLPHJ3kUNpRy6N2mO6NmJ_ScdOOTDgbmayWGsAOlO3B97vxlFtKb21hhERXbzBzrcrfQZr9jw21Q2uweffCKWYGNnbs7CFnxGksekkpqJ_SGYNAh0fiqGSo69QO4d-B2Na5TCCqDHeU_Zvm21EL5CduHIGDSONmtvMyYQJHKzvMq-IXoPw9cgL9qJC0gFYQ1cGlgtxcQsqdFkPMzPwXWWMrYxw8wxStzDoi07jjfZlpd9V0FjNi_80dPaIcsSjM0_L-JHdX0YiEWjNJ7skwmcZ8itkl9t9f8acCtE9st7YoUm47q2e7JVMfXIbsYpCvsdQwfLAALArFLr5TSZZUmQmSWhpB6FFaC_0DoOBpDVabnWDCYlndJ3YcHLkLUDABXmoG0HfImpvzfZYNePjQiRpgOlMAKGWhFYxFV8SA4R-Ei5dFOqVfYRuy08lM8AsWtAqI20JaDUIRY8OBQQU5FAOWmFvBW6hr67f07ctna76D0KIRMM9u2dy2odrcmRpT5UZ7uSALaZBAUGkHqAoYXVeSmeADctSZtWCx7Ix1yGCAxipE35b1UNBsDQHadZ6dPcUTWj3yyKFXmQGp597WS5tFNV_l2g3eeT-SfcaoBaJshQdm3HgvhLqwOYdOT4Uf47aMHLshVIu3vFcPtKeTKYVAWFwVa1OJE8QH-znYrCQH040XqUbAKbBphqweBqP0BHDaEck7kUJq-SyUdb9AaE3339uOBdsqgkZnHIKdsytGZSUdvEuNOX3EJUfPgw3f8VR-o8qM4SRTn7kOBilHE8DjdIyiXgq5qGrvtdFR3ErMI15NfM2alcrbnVaOGzDXlwpX2CCy4x_bKLHq2IKqO4OpIH7H0AqofkFKUOhPBe8ER3lG5hskfTo3vUNVPRMuZmMDTBcp4TkWQCBhWgCzo0CArK_JUl1Wg7AMxWyTTf5azjJSYOS9AVjit_eT0TwXgyqWezmy_BXmrZ0_fXPD9IyHEkEfjJTvT3CYNMplbMFsJI_OHNb0f6PH7BsstDGf5zYw7OH_e5m2LU-MANK7jIYvc5UjXA7zsvsHxSwxBwj8zuFBhYPLdsyCgxaaRIPkB0RrXrq8pBj3ga1JQXeYfRMOcFfueFO7VeAJiCJQBnGHTAqPTlqD_uFwNtmrLbt2PbDbVJOKx6rNhZyjPtdb0i-VCUxYU2aTsh1DciN13eAhOOfg6ZJZ7tsZFN4Yg9pAGUw7D6pVoe6ZHuyXDSoI8n2L9OF9R90goYNohntooj_T2m0G6CBUJGHE8zII1qo4OYabzShHqG0yBmicMIfiu_hSiWfIKfpk4O0rxiXPY56jH_owyAmlUvwlH9yoe01QPtRV4s_YgXKyvry-ubAZjZj4rrUI3Py1piz09hc08_TJtLDOhPq7QuKhFD1zu_PjzSfwdrlf1tliptB4dRqYa4bEOOeK5LBarKb6_NpudVEjRL7eCDD_AckJOP60WciAXQMoDeaPbqG0BXIGlc9zOftl7CG_bSeg&cid=CAASEuRorZCX8T_c1SruUtDM2-LKqQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:03:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 98AD 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp5k9vOvmhy6F7Cdi0mkvlBN912tzEaLpIma-kPGXDuG_kEgp9K6Pvma24nzZRWCwun9PSB_pRcGR15BSYX5ybyXm2cm6qw6sDwQ4z2T6o7SF22N7RUz59-xivk0YPw3pTrhqAu3BCwg8OuwM1i9DKZePSjw&dbm_d=AKAmf-DH-tgf49nii6ELay0ab-bNjB8MOUf0jMbGj7n82LBslHsqdl2jUPpAaVoaSBfViTdZcatzZ3lS7XQuaeVoX0T6LUhNUV8gE7gE1k_n4B8uXS7qXjSnn6p5ydeCsotcv73XRoTj1xW7-LUzDXNCp5urDZ2EiA1J9Pkzirts3tQRPB4YLFPLzJaKSrhzh58Wd7_oZcjlIK4eKcHjmhN7MJT3HEBHeZSj7bjXGzu5bQOt_eF6c3ET6cLsi18u7Hyta9ownBPtY_pQcD4yw6k_5IZSoP2EHrdimgWghEbqFE5OElxcHCnwaSMBfxizMiA8wghXpnIYhhwPICiqE8buPde1Dud6Sg4XuregGPUo32-svmsY2Gob9B3MW7excjWmwm8iFR8HDRc8bIzDTJ0tpY1YsdTzxqA1a7qhKUonIeV3rGpPxdTk3mAT3Q_lp6Z2bbk6A4ajMC9KuE2HHy3IL4BBslTo-1s3zZgqexpsOaB8WGibxPEKlLWKHVbAkfqgKm4iw6mHbHdCTMgRmNhwIpV68_pmnsO0Hl5btm1c48gs3oWSDIl6zGg9uSZOHFW11L_a9qmuNMggEtV6dnAWPlwU8xdvhwSBTdLQ7x12Nc2ZOSPURh6kOMmbtNiMiX2AgqEbKqzk5laM15o_Ppcgnufl_cnynxZAtrpvVEpKLn8EXO08siDYv8T3YorFmjw7vVgsnvyCGtMBF_QTE8wgOIdSmKWiDuUdaf4et8jEYUBtwhrfMkUjJ37h2P5aXpJWpfeDlRhKJtwbhbzuIYfEbF0rnFmVsbpt1A-Uz5x_TobBgR8SOPZmf-AcIRFGbdsOd75rUydL5tAi-fhfd9xrswXXxx6UmPKAwLSDMxVkYj6LB_OHauWn8iCysEVW2uU0Lqcpa8lwmRf-BW4bdg249nYv9pp8HG7RWyPMUb1VvWWtwz6vOdhW_-sQC937thr-frMUg2N4l_3zpAxWjg6lwYua2RWr8VI2HEtf05jioJq70nltodlH4ZkcT4wdV_AFQDD-dtAn6qlKbA4EMOnKqlfujZtkTuhvQp_Eo2yveH1kYaQq2TTcUu6W5yHBVfjtYQWYJwbtS25DAqx3X4HyFPDqfy0yk82_8lrIdIxc1WpJ0rio3VUBQYVpsHc3tP_M-76Fui7909J6uou6VF7lp8sKAKJJvzmaSnBIdqJpFRga0YN5dljzR4WpbSw5tLTXnrHaAyc5uZIhZCk3LGhgXvtzdNr4ZtQwS-UKFZAdWV9W4ZZEeQWcHf9oQ788jGJ_f_puuyPw2Psi50FYB2MAlVSMztMjKjWx8XYryvor_uTWCjFos1yIn79YALq_4KVyd7Z2yD0e8iJmiCfYFad0UIWtxBW3RNZhtpih2u3sEMRWB4pbOg-7IJRpSItVF27E7b6fldVr-tFDp2YOBqe4xaNf3X_k8F2ojPMA__URG_DeRcBvWgyiZZ9KPxrK1RiHv5xWEpBuzNZNqOTw69QvwZEbkNcTsilgOtGUMTlg_Qb4LqbnJwgW4NB9qGkoHIzDMFTggXX4x0aKhQQjd6CeoJCGPIVGscWQVlyIHblJHtLcYgCs47IfsMwepFSduuBELgj4cTU_oNPUBxOn920X2a3SNHzBq2n2a_UiSkRX5PXMxPi-Gjg81JFS9s2wsuCss-ZRIuLN0fw3RvushQK2n-ukg_C8YGcizLBPW1acHw5mdlwx0ntfkA5cvEeMR6ZOgqOM4HM_6rNZB77Bxh2y_IGUI0kGXONZy5e65upmKOD-b-xW29Egj_tE5TziV8daH1whpQDgr1FBZ5dVZD1OD4O2R7u92m91tY7T8TABt2B_L7nMp-AH9dYgkEWUmMwDgDhRsV8HTkmAOInTB4_74AZ1tets-ip5HbgnhYCIFTXxNI5v9UzdZ4vt9zMobMZ7t1YNi9c2L8RfBqWfE8DcI4sqA0dhIyHZ3qd7bNzNvEJpY09btM44Z2DjfvWx_2LN2l-5G60NaJS6jynM3APO2PFqyz3His9J0LV-SlZaYaIqHj-dXC0WoJYJMGj63j5_Iva_aBjUYuqMqfPvVlcOEwn8Mz6v5WdIMYpzOttVKMiKkmxoDK_yN_gpFeq0DmQWLPHJ3kUNpRy6N2mO6NmJ_ScdOOTDgbmayWGsAOlO3B97vxlFtKb21hhERXbzBzrcrfQZr9jw21Q2uweffCKWYGNnbs7CFnxGksekkpqJ_SGYNAh0fiqGSo69QO4d-B2Na5TCCqDHeU_Zvm21EL5CduHIGDSONmtvMyYQJHKzvMq-IXoPw9cgL9qJC0gFYQ1cGlgtxcQsqdFkPMzPwXWWMrYxw8wxStzDoi07jjfZlpd9V0FjNi_80dPaIcsSjM0_L-JHdX0YiEWjNJ7skwmcZ8itkl9t9f8acCtE9st7YoUm47q2e7JVMfXIbsYpCvsdQwfLAALArFLr5TSZZUmQmSWhpB6FFaC_0DoOBpDVabnWDCYlndJ3YcHLkLUDABXmoG0HfImpvzfZYNePjQiRpgOlMAKGWhFYxFV8SA4R-Ei5dFOqVfYRuy08lM8AsWtAqI20JaDUIRY8OBQQU5FAOWmFvBW6hr67f07ctna76D0KIRMM9u2dy2odrcmRpT5UZ7uSALaZBAUGkHqAoYXVeSmeADctSZtWCx7Ix1yGCAxipE35b1UNBsDQHadZ6dPcUTWj3yyKFXmQGp597WS5tFNV_l2g3eeT-SfcaoBaJshQdm3HgvhLqwOYdOT4Uf47aMHLshVIu3vFcPtKeTKYVAWFwVa1OJE8QH-znYrCQH040XqUbAKbBphqweBqP0BHDaEck7kUJq-SyUdb9AaE3339uOBdsqgkZnHIKdsytGZSUdvEuNOX3EJUfPgw3f8VR-o8qM4SRTn7kOBilHE8DjdIyiXgq5qGrvtdFR3ErMI15NfM2alcrbnVaOGzDXlwpX2CCy4x_bKLHq2IKqO4OpIH7H0AqofkFKUOhPBe8ER3lG5hskfTo3vUNVPRMuZmMDTBcp4TkWQCBhWgCzo0CArK_JUl1Wg7AMxWyTTf5azjJSYOS9AVjit_eT0TwXgyqWezmy_BXmrZ0_fXPD9IyHEkEfjJTvT3CYNMplbMFsJI_OHNb0f6PH7BsstDGf5zYw7OH_e5m2LU-MANK7jIYvc5UjXA7zsvsHxSwxBwj8zuFBhYPLdsyCgxaaRIPkB0RrXrq8pBj3ga1JQXeYfRMOcFfueFO7VeAJiCJQBnGHTAqPTlqD_uFwNtmrLbt2PbDbVJOKx6rNhZyjPtdb0i-VCUxYU2aTsh1DciN13eAhOOfg6ZJZ7tsZFN4Yg9pAGUw7D6pVoe6ZHuyXDSoI8n2L9OF9R90goYNohntooj_T2m0G6CBUJGHE8zII1qo4OYabzShHqG0yBmicMIfiu_hSiWfIKfpk4O0rxiXPY56jH_owyAmlUvwlH9yoe01QPtRV4s_YgXKyvry-ubAZjZj4rrUI3Py1piz09hc08_TJtLDOhPq7QuKhFD1zu_PjzSfwdrlf1tliptB4dRqYa4bEOOeK5LBarKb6_NpudVEjRL7eCDD_AckJOP60WciAXQMoDeaPbqG0BXIGlc9zOftl7CG_bSeg&cid=CAASEuRorZCX8T_c1SruUtDM2-LKqQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:26 GMT
truncated
/ Frame 7500 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bea4f71fbc2f72a8d092478d4b70c54348f5259c71b409ed23edb0bf4ffd1462

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ptrack
a.audrte.com/ Frame B00D 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-08-12T04:44:01.969Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f2317be12e42eadd16e06351f8ee84c25a82c8b1811df6159fd499d8133ef81a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
generate_204
tpc.googlesyndication.com/ Frame 288A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k0OipA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.de/adsid/ Frame 369C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 369C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4C54 		17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
951ddd5d4b2422cbf8e42b83aaf29de8dffef686ad363dcf81d582e3fcba6e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8423
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E8FB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
44277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:26:05 GMT
expires
Fri, 11 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 51E5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
44277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:26:05 GMT
expires
Fri, 11 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D1D7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87379e9e46b3175db0905c6d5ffa9e5d705f48a3c1081605a267f709570578f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10948
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame D1D7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_2200341753400048&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4ca1a630-85e7-46c6-b0e3-47b175c540f0%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYwMjc5NDM5LCJzaG93X2lkIjoiNGNhMWE2MzAtODVlNy00NmM2LWIwZTMtNDdiMTc1YzU0MGYwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNWY5ZThlYjktMDI4YS00YTdiLWIyYjctNjQzMGVhOTY5ODJiIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3Dc611b8bc13cbc64a8fc5dbf77c5a900e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
index.html
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
229625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1567
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 12:56:57 GMT
expires
Wed, 09 Aug 2023 12:56:57 GMT
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7500 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJrpr-cmliQ5qZWt5Vz0B1ij5ojyH0gO5J9XsqSvGq4DuobdNv88AxeMQpjpmHVoN8Myg1kyXJpneibWQQrP1hc6dw597v1E08CRMi7IGUMU1ZedkKO-aTnFX7PcDxE4fVg2r0b4CLUp3xZCW44MXOh1IJvaLO9f8ErJaEGsX-tExwLEYifXWjlWtjiZdl7ZFnselR4CRH3xpg-S3AuztarpLyzGLKwVk_JswRN7yMeEPSwCMOsxBFjqynhWNh2LBSVyo6btC5BMGR6DvWab8Ha5og6CIrO_kSRf9BOc8r-9_R_3tMVR-xi8QHPoc20gAmm58LLLVVhT4ooqVPlV7i21wd53kT8qYzm6zN436FbeWLOJV5d2DVtwXnupBAKDxewpxD1uxfdrFWV8K9uNWAWP1cbORoayKNr79jfP9lSy77I4VvT43zK3oEgDMgKCL08x_VUQS03o4FtOedORapjuTFJlAtU2qIabClic-VDs0XapA4NhyNnfZ30VTdKfoUWJmIgilqMyWJbQekve1hUZtBOPcfeeR8dM6VxgPIk5zLCl_Bn53c2Wz6bDwquS_VxM2korkSyYlzRtwg2a4ua8f-IAy2k-EZopsi-NYxseXQdsNC8UcIwfdIfno_B_1MD9v20SWTaw4-NjIvpXTKLWFa106kRPWeZ3L8L5Plyv2VrM1KZbSCmgdsRqUY2M1FT_GQk2cg73NdZJlpi1tKEMlZHOkJOu1k-VtUzYR87vy-QhDwuIqTwSafe8l_V_-WmsQhf0XsmlAkBw_jxFXN07VDu974Grp1ZKZ4imWEeb-z0PqLzvgHzdGJ9vUu1gDRDMt4OtVZMaZPgSSPfPIQ08IHv9LLfHrLiAUAfk-60J1eMxHtfCojrJX2E-SML8J0FGG4rienno8lBB7FM3WPsxOloXXVIA4GiAiOC1tive-3Pxa8AqdVia7cxkUxPjOgthswiVDXIi03_AatNjXQJjjkcy6PdtTQNllxhDk_ge169B6Bzu2mR3wbJKzyH5xvQjHmv0NAz7kBPf8Pary4CK3sUv_Ox2IDvMfxAoEHoAmWJZxM0IFy8NAP1DTxBOtzmlaPr8hJmrQbNFpRzWKtYoA6d_93tj5k_e4rHiUOSdwWUGUPr2jWe5BoTig05eqnptZTQxvl5d4ovE20tYuss1voyQHGPvDDxjyWIPOsmZYHFHAf7tXHfX2SeI1976oE2dT3yGcO109O&sai=AMfl-YRhYCAeuisEWKjynUC7k55mcsxUK74WLyvku3Dl2gkm5LivOqP9UtNqlJRYk2gue_lp3DZAy14iiG9-kYV2E1JyI5hZX6G8wz0KPVIATLrF5gpu595-5Aiw5OXiE0ScUaVTgCd3XS4WpVlJXR8FbPGxg5XYzQ&sig=Cg0ArKJSzIU6PLVWgTSpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&cbvp=1&cstd=341&cisv=r20220810.33726&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 04:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame 7500
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
HTTP/1.1
Server
3.65.159.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-159-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Last-Modified
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39C2
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZH...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZHROaAaA88YMQBjmW5KH2mseOGYWaPyzNFtCxc3fafyp&google_hm=-2HsBqsFYpG3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZHROaAaA88YMQBjmW5KH2mseOGYWaPyzNFtCxc3fafyp&google_hm=-2HsBqsFYpG3LNkN0TiArw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dv9p2y9auvYcLqTOEZ7gc5k6lYEfMm3MEBpTOlSc0Cpg66tC6KZHROaAaA88YMQBjmW5KH2mseOGYWaPyzNFtCxc3fafyp&google_hm=-2HsBqsFYpG3LNkN0TiArw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39C2
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENBSQd3UWm0ulR9b0IwHL7k&google_cver=1&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk&google_hm=Q0FFU0VOQlNRZDNVV20wd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:01 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4A9byakA5svxBfhVa8KC9kIZvIRXU9skiRUCRoMDM0JezPNfT1fpe-WaOqD58CqxlZQKE7p1rs-6PcT5cASzJdww9CHGGRk&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39C2
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DV02QV...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DV02QV...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTIwNDQ0MDIwMDAxNTcxNTU4NTI0NQ%3D%3D&google_push=AehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9w...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTIwNDQ0MDIwMDAxNTcxNTU4NTI0NQ%3D%3D&google_push=AehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9wNrxckPfZlPteMssEw2cnuTnzhCE77y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTIwNDQ0MDIwMDAxNTcxNTU4NTI0NQ%3D%3D&google_push=AehlK4DV02QV5ltNw1CKcv6Lx3tbAboDvJzguneSB2sxtOwawzLcUZmOgxdU67pYSv5C9wNrxckPfZlPteMssEw2cnuTnzhCE77y
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 12 Aug 2022 04:44:02 GMT
dds
rtb.openx.net/sync/ Frame 39C2 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH42-S2n4-4jqYzc6RvW9S4&google_cver=1&google_push=AehlK4C7Trd3xzAS6GWDLsmrsJsxapbAHFk_3XTHzx8OVdI9Xy1YaqJoPT5_JdibGOROPLcDIFQRqeEb60x4uOrJSRoXzN7pBMo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
t01m6snbb4rhukr5qfg6b86ee39p4hq3
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 39C2 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHj81avaMCn5IZ2OCgGOfDI&google_cver=1&google_push=AehlK4B-V2AV-xgq0cR6-HmI1TA9RN31PMLWm2IEwvNoVVAuRQml1pV8kwajTe5lcxfEUPBiRlDaMeus8lQBbJ861eQOM3RdqYpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 39C2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHRVctQS1EWVE4&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN7sTeqA1jmH3Rs-6fBzPUOyEzl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHRVctQS1EWVE4&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN7sTeqA1jmH3Rs-6fBzPUOyEzl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHRVctQS1EWVE4&google_push=AehlK4DK-ya5mF2qcZQ2xWNugdKJxUDNDVaxyb1leggZGXKgcQT6M9l93kpiNHHEXNFqcNYQEeN7sTeqA1jmH3Rs-6fBzPUOyEzl
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 39C2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4COx9h8EYPEdM_EAAeNJ86c3EihtC2T9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4COx9h8EYPEdM_EAAeNJ86c3EihtC2T9UotMCfN9LnR6yLb_bwp-oYwkpZKiikuJe-3BXlz027-cH5uaKEWUMVm9CEKkPAM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4G2oOUE2vmXN5MzhQAP1yAPrRPZLBJSt3Djlv9jUdgPubGzmgoVl%2FEf5q7sJ3u8mULkuwG2SYZSP9%2F3xxeLSD%2BqEmiGCDIZ4HhV9WFQ6mCtmaDKtJhROg0yflVS5317lmnHeclGJIPNXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4COx9h8EYPEdM_EAAeNJ86c3EihtC2T9UotMCfN9LnR6yLb_bwp-oYwkpZKiikuJe-3BXlz027-cH5uaKEWUMVm9CEKkPAM
cache-control
no-cache
cf-ray
73968db0efd972f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 39C2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRIjqmcqbqoCddAAFT9d-9PGiGvDLcuXo1BkscR4kl5xvCZlBLZWuR2bo08Hx0uhpPsTb9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 43B4
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5q...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5qPnT5fNntU2q9873lyLvIUK1qYjoRgJgbhJxuG_wmaCEQ&google_hm=-2HsBqsFYp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5qPnT5fNntU2q9873lyLvIUK1qYjoRgJgbhJxuG_wmaCEQ&google_hm=-2HsBqsFYpG3LNkN0TiArw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DeCUeUytkRYBozSM3M0bqoZSpDkAIF023lDmFSczuL4CwHSdCt5qPnT5fNntU2q9873lyLvIUK1qYjoRgJgbhJxuG_wmaCEQ&google_hm=-2HsBqsFYpG3LNkN0TiArw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 43B4
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTr...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZYYWtBQUZ6bVp4a1FCQw&google_push=AehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTrpJqv4Wwkilhzb4x6nl7flO7mnc9TF6Z-F8i2graWy_PkYmFgChpwEiQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZYYWtBQUZ6bVp4a1FCQw&google_push=AehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTrpJqv4Wwkilhzb4x6nl7flO7mnc9TF6Z-F8i2graWy_PkYmFgChpwEiQ9uJw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZYYWtBQUZ6bVp4a1FCQw&google_push=AehlK4DMCAen067fnb-upMj_d6-kiJ5rEEfgYRvjPTrpJqv4Wwkilhzb4x6nl7flO7mnc9TF6Z-F8i2graWy_PkYmFgChpwEiQ9uJw
Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 43B4
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENBSQd3UWm0ulR9b0IwHL7k&google_cver=1&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J&google_hm=Q0FFU0VOQlNRZDNVV20wd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4B4rnq3PUq-k5EjH07_4WXJ9uJcqYA46XSZbRzGpknoURCPK0Mzikka4jigaZLe74nCXN38a8rkijQalWW4uGIN4qWhwa8J&google_hm=Q0FFU0VOQlNRZDNVV20wdWxSOWIwSXdITDdr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 43B4 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4A90FnsA1lBiYmOqsf1TJmlw-T4A-vJhsGEgCZPpShV3IZCC6Qxmw_oL28mt4hsH6FbSQDNPQjtUohxsjgk6rWOyhCP7VkF-Q&google_gid=CAESECZewzW-kdFjHmkGejJqJvc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 43B4 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH42-S2n4-4jqYzc6RvW9S4&google_cver=1&google_push=AehlK4DR0PBZz7icX1Pm4JZybGZ-WAc8qLHzsh_izn98CXgwWyOhhAqq_fBUR9x6klkTz7dnC62VmgI-deEoiRWLAaCRxXZx7kXsFg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
l1er2pda91esno2ofcfknfqoc3k4cc34
pixel
cm.g.doubleclick.net/ Frame 43B4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHSFQtMTQtQlA4VQ==&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE9vsyAAmbbGMq54pUu0k2G1siM_A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHSFQtMTQtQlA4VQ==&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE9vsyAAmbbGMq54pUu0k2G1siM_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklHSFQtMTQtQlA4VQ==&google_push=AehlK4DOK5d0jCGDl3ihOeEHNcxOv_SqZ2fhGzzEvRQiIJR79jZDUQBJNmtttR0-6k-VTHE6WHE9vsyAAmbbGMq54pUu0k2G1siM_A
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
trk
ag.innovid.com/ Frame 43B4 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDTn3M2_hxS3E3PVK04r81Y&google_cver=1&google_push=AehlK4C3mt6sutOzNFWxNLbv3ypNjvih_ew8l2skO8T76Kq4wQ3-KUD_k1fCScwCxeTramVb6pTTdpPiL1W7ePpVSrkUF3nCO0OoDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 43B4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwiH2SbHQd1S3cQNuf_LxSrSs-bFGZ50Y80M37lQEvrJ4OCIKoKA5cAFNwtmwwCXm7dUOZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1660279441&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1660279440660&bpp=3&bdt=1067&idt=336&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=2&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1414994226&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31068864%2C44766069%2C31062931&oid=2&pvsid=718410753625640&tmod=1497680027&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.kortct4z2o7u&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9639 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50960b805a43cf5d098994ee13cdfdcddb3631a55175201006488e780636de5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11196
x-xss-protection
0
p
a.audrte.com/ Frame 6723
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2507871231717652556
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 6723
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 6723
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i3FnTdTx5aSWKdcGOBmmkjnQ&gdpr=0&gdpr_consent=
Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
generate_204
tpc.googlesyndication.com/ Frame B162 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?acPFIA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
s0.2mdn.net/sadbundle/10562741012611280829/ Frame DD8C 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd9cba424ea1205b288794c3c02af5acf41f97daaf3171bd653401bbcedbc07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2283
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:02 GMT
expires
Sat, 12 Aug 2023 04:44:02 GMT
last-modified
Thu, 21 Jul 2022 07:05:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3AC6 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1JQLvMHJGsxG9LGA8javN4pXZ4RYhSNHT2vUS_S_Am7Q5c-hrgQ-ffWaHkj4Cm4t3ibK9GIo_p3vGb5sCaRD6aSmVx2CAIEFfhFtUAtORYxBvVisu9zmdCI8BbUZ3JiH1aFILojrrsuoMoABUCZAoNt2lQnm6C9jiuBrPdVdr0VWhjyUJLjnTHZR12Hxa4LC91VQKZq3VHJOkxsbcs1YaeEBv57EwJKNGrNsYVlwce2-VhJjsi_E3Jkb9QDWBMDuG3_FdVH91aVCuMFc4ELXBT1QIfNSHmO2gAAIn648zgpuuE8jXblqpwxqxmOk7o8AvNmZRSfA2IciryVdnsQJG4Elp3xwW0GOnGPtfZ-20Z82lo5yojsASksUiEYfBSXRx8NzCzTSYnVrU8gXD3BC056H8tW-GSi9mPgM2j-fv34gBcMnSrIA_i5Tg4_MBNUHCPw1VBuwVNYJ2wiXq92viRyJyMZJ8EfOK2menUp5MRzxi_Lyqb4az2uZl4V4ZvoyW8s0QxoxSh87wtE4jCjgr0qYs7CAQJSyNGYE0aIMiED0rEemumsZ7LWocBLA2XXBQergxBVDlmNKel7K-4-oc5K22_zV7iAjBNcP-H6pMS5NHgWJlwM5tEyTxLe6jV4cS5feJ4DGt2l0n002jt9b3FqJRidhgSANysWN6zGS_aN3geT9WA_ctukFI95DFW0g8Yz2kHcAwZIIbLGcbUChP7Y99r_9rC5Pgjq888gMmf172QX5x5Xh-tvDBi76oF3c6UdWQHyaUsZXZmrIxyjEhUGsQNQcbZgj_CGyc7_84fPvsxQe-hy3CslhE_adZYfee-H3gxSPqvdjy5njn10TwqHHOT6q3kpi5iLyP5pBeJkECAjt4FtJRU8imW8tHAN_fEBwUoEeWjwJJoczBC80P_kBaLylQGgeYQfCUlLYue_mR0SkAls2fLPtgHUS2vg-HS9NROic8CICq3GusH8jgvN8Z7KqD7pudlrChcWA9QPuplVQJ_JX3_XMpLnOIIAT9oE3VO7sCM7VYlcLLwYYTzKMYS_IzGUu56LqV-zv3ha7Bqf12-46cyjIe5SEn5On1NmFvldLtb9FzeD9vnLJ0M5J10bOyohzl9Xs218N2CAjk5tsWqXFz1cPItgvp9SYNmhshuBXbOpzCuVux0nOiEPeXT9vmxEXTC88hWiWzWR0nrBtQLlOiP62jWV9sZ6kGvXS8FPo&sai=AMfl-YRp80SuRn9g9ylXscFdOYVaZL73re3mlAOk77dOFWGzLceDT2O4P0loeeCGq20pjJiXzBxvS15IfefYxnXshJGzp5lyExqNRqrbOd3tvqJGGAUs7r9HnNMCRBigafs0-viWHJttKvgux-MgrrtuBYMMB1Tf6g&sig=Cg0ArKJSzKn_CXROJ9mAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=372&cbvp=1&cstd=368&cisv=r20220810.88626&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 04:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 98AD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 16:26:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D779 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Fri, 12 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 98AD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffbaf894ea765be1b967e83fcf8669ade7f4f8282185562276aa7902379e7e99

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
ps.eyeota.net/pixel/bounce/ Frame 4504
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 4504
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2507871231717652556
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 4504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame F52B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bJM6CA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
ps.eyeota.net/pixel/bounce/ Frame B00D
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Type
application/javascript
Content-Length
1239
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
Date
Fri, 12 Aug 2022 04:44:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame B00D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2507871231717652556
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame B00D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i36soJlC-gQ-qk8155oIRZQg&gdpr=0&gdpr_consent=&google_gid=CAESEI-6XlN7DtuiMh33d456ojE&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
34.200.207.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-207-25.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
index.html
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
229694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1568
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 12:55:48 GMT
expires
Wed, 09 Aug 2023 12:55:48 GMT
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98AD 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_ft-Vtw244JJKmG6Z2xAHF4ay1cwJLOqXK7qC3FKb2rG5SqAxhOQtYl_p13-5XUhTLBV1sqF-n9IWM9HQCnYocsXVouZuqbRZ9Y4bUbb69lOgC79jkgIgkkpFCvhL1QLZin70esw9drbOczuM-EFh3p-TxYnwPSv_yPI1_03J6qTf1GLAGcPYbXisoRWc0XnCmaqM8rDeVzf1JKjJGzbI6vw4XlkdYcD11PsnG380ca1OfN0EJqLcYmmbwM2TkYTTIOH8nJwSR4JMlfScmB4W6kVSHBcghthKNS-Kd8zVbqBFPxL1rDyh4KfVMjUlG-T53XVnRYTog4M9AZJT2qapOap9PSo5opXFZif43tMKh4Rf3sa9CGpoECQ91EJrBRJlXyvEAH4CunA_dDGBI8PRABGg5hN2m3XUN6h5-TiXdCHsHpG1n0ttBO8gcXsHsiQZQ4B88RXUYWAOhXGr_YXlLlh0HxwW5tDclUIhPcGJX8j3YSayJ_sgI6mNFvubhOVWTX0P4M__0cjbbC61vqGtplKZK9deOSG_zLkEsOFMKjq-jgUIIQddZrMc8i0DQehCSSEasNAtcHDbGxh20Zn9iPV_AFPREghUijczYUyxLxK3cb0ho5QyrEnkXPCU9iDGgXm7HPshEXB5hLEWuUtT95Mnjch-V-UFm0cimjl6gtRpthfCl3dKZPyLdovTXhRKiQG0O8gaCKIrBgsmRUKhzEZvvXvB6stCQ4TMozHOsbG8IBgJcUXLsUrGJQO7gmKDvuVXh3s-ecmE3vosnenFSDVaFgUWg3PCWaL5gan73WQCog37K70sqctUkzWWUQbf0mx6R3I_h1_-TzMO6lynxNsmjJoAMi1aeEwlK2WaNtC2gE0jMJAUbcA-2jKDm9VBoZU-stERse-aF0Y0iUaR5kfIS2gu7NgULe2_o4_aspJ49T_ly0u6_sGz_ArNQU-5K-tKDhKIJg4zrk6whlzsNYCmh7jEjKp6mo7NKfQXrO2HBbJXHJL4XUuFZb9al5VVNbsBo5K67NGNj8I_9aE3buBy5y6jyCmZ3xs-bOUXdVDFSxHhaxT_hfZKUzq0A-Z1k4o6lc3zBaezXFXcluiGGCz6iTMaTVAmhOnHVhBtxwB-L_65VElUOjFW-t06-XNK5earDLIYJcZwQvHOt0ZsBOSdaXYQUT7rMqnQb8625NzyHWVQUSiEOe-CQ68AQKVsujBCBQxkaNxj&sai=AMfl-YSvOjdP1Knlz2rqivZ15AOKFM5PVT9dhrlivNIkqjqAgvodN2oFvm9fjjKCsUYwPJd36wPRQqEq0tHlgEC2kycG18j7uhV76uy5UsGlocft4JeseJkRTI7sjNw5vN2Kc0ZLDH1Axx3nAHGe4ruRCWhasYIy7w&sig=Cg0ArKJSzMRPK-u2pwtsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=237&cisv=r20220810.53194&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 04:44:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame 98AD
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
HTTP/1.1
Server
3.65.159.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-159-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 04:44:02 GMT
Last-Modified
Fri, 12 Aug 2022 04:44:02 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
um
u-ams02.e-planning.net/ Frame D0B4 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=0d8eb1f604441514&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D0d8eb1f604441514%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 12 Aug 2022 04:44:02 GMT
server
openresty
um
u-ams02.e-planning.net/ Frame 8658 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=0d8eb1f604441514&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D0d8eb1f604441514%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 12 Aug 2022 04:44:02 GMT
server
openresty
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=1068919097747722&bg=!ZmWlZSHNAAa4hXTbmIU7ACkAdvg8WpAQcPtdB7BZsYC60Gd14TVd_r5IfDvny50bbafvMiH_acaKMgIAAAE2UgAAAARoAQcKALM4t2P2sGGvJJbA1b-aaN5emZcUmMvbpKOnH1k1v1aWV0LOzTCgIlZFeDLUd55rDE655ANiqBhj0isUyWqMFR6VVqJuY7pDWbOFdeCmnFztrvient5ae6w41dA3pAFTFMgQNe0xP-iguQrBNM2ANgDSmsKysZ4Z6o0AAN-qRo_zbaA7yxSi5mSFJeRNeUwMx4UV35Hh-Hm7cifaSN7OWxAIeNOcf7bE60MjsppLxeGs6ueDB5kCtnbEQ7QFqZt4JZvx1dKJdRWVo4nIep105lJQFp9zuR4q7I7apzyQ7sUcb9C8YebiWboevpGRF3Ys9J_NLg3D_HGhzvRxDo-yRHq9j3finDRzpmih1zb5RXS_ouhmh_NU4vHUIQ8JLCfU3NMDTO5D3krl2BKhhLt00Ht3xNBZsdEC0Fsgv0R2wLMvq01gfyyJJ7pOwWcakJsMxbu5bv4idnZUfoy2dqFrrb12mP6RScwFuGp0tYneQAgS7GkY9A3I-DpcwoQ19VTsFFOUIPzWy8nFCm8U45tAMCUt9xPPpScpbfBrAbl1zsrQWR_bBcsUtst9tkoa4-v9-J_PakSy2moMPjqlYVgLUOX0qaHwPvLohf-9qCQ50NI-aMuNQUhzUGL5mD7UufwgwTYxwxEa5Ul7Fcr5nhBjuooqJuQBBSTF1Y13ztgs1mU6LcDCDgyh9Uwa3B5bequR59tI1YQWOE8yCBgS8gVoIipY7zJ1LvpfZ6FFLpWUNHOJLP4X9l8jrv_rKhsBwGJgda9dPU62xr0S9cokbH1hF_V5Fz6teTlCEFKixXiUL7HFs-fvN1qJmGQSHrdALWpRIsCosYBxkzA2XM7tymbSkDVClIzq5yAN_SjAqXjC4ttuZ30159sy40BXnnroZ_xeMbWAXq2B2KTJfxD07_kbW7cbh4yiKrNf5zzT1vNRJ_pk8MuWf4Yhe1qCaIOI-qPFQhyKNkUn9lV5CQy49KxBLUd-P78FQ8R63v6RO2WQMebBfh7tsdxP0YOLDwhmRP09VbW1ywg-cylWO6uagmcE4q4N6O6ZsEmkdVQak-Jn7SRC7AavBmG0u7MBDocxkzHZKHNMefHVn2UHuoWEYuc3z8dgfqbhyVpxVRe67y9knN4nNnjdtHiboEiggILp6SEckegGL4B2JAUGdt2bsmc
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B609 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=2828283966670232&bg=!lJell9PNAAa4hXTbmIU7ACkAdvg8WoDL-GaxEnDxTmAD9_1jqXQ7gL0eJ08BBKCgECcsoNl52TO58wIAAAFyUgAAAANoAQcKAFzxe1XfuKbX1LsA9PN_vFPjQ-duvBodcsgWMQpEmIapEuxRHmac04bzlKVFfL8ppfkd1fQY7iF6SDhgLgLcDD2tbnc3dp-F8Yy-NJm6Wg_k6FGbn6jaxnR0EPLxTJkCrL5SD9rriorqL1jHghNsFGQeK8BqHg_oX6n9nD7Z9rlOrIZWBAOI_VvkLfEcIf-KjtZ_QnRy56GIngw7rfdBcYeP6ui9pgWGfUDXsXGVVbhr5B9dCD_yDi3NqY_toURO9iZzD_MZbU-wbKnz8hKg3NZ3m9IEKfs2lZy_RsZT0jEl3YiGUk8ghzqgugh2TLwlXCkv6_y5O93chByGFcqZ1XgOpgCqQgoJVW6wpZDffEiFc4JWRWdoPySZd1x9drMqtFtDCAZiugYojWC00e5pJ7Y0nEEKMCf22m5vNNcimHf6ioTyrsOGHqcFKrn3RC74isR19Ebb7Ba5YHFoj4tJZsC13SRFOn2QMYLk6aLugEzJXsa1PSv8RZaEKETgyTvGk6DDBheo1Y24sc5R7771y2FVZRTXjsHMQuEv2kjPl1tge9ypk5ZjWT1XRLciw5Tt7gzEtCsscQOKUZ377tWl6vVuLfmAuk1SendM3FazAhTzKK-uq3rHPnDwFc9bdcehHwg9GjJe_U8IX0ChOO3D8BatVkzkevg6PEaN3OZQ8Hff_wCQTnneDLhenmdv7hs3_j7rmWG4T4pLnz2UQcdPQDwliHGeFEy-WpnWVxt1XxVvFTQsWqMAU0dYcaJjljqF3TK4uqqzaTyxa1vZ4eky8S54G9ONP1pePtyiYZetNNxR-Rtj7v8xn0tgA0Up8OIwA6Fj1bAumvvR4FkG1rQ2Lyk4JzfflypHXgYSkHG_wcR5IPU5PQXuIdLWeOoCR-b928qYqVwtCJx3L6onLhDK3nwOqvO1b74OxGmHfBWBDlFL3vPFKmtTM1nCu823Ee0mgYiNTT0zDcloXRdUgVHsuUlf9LFG_GN9tzHYPO57uYsC1DxTvr_lshHEpfwO3UBvol-LzcGCZ3M142P9Jw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D1D7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31068911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9639 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 772C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=718410753625640&bg=!xcalxoLNAAa4hXTbmIU7ACkAdvg8WhfqxCZaJ2zTphLy1dHxqbVpRWjNblW_n5x0iWYqzZZG_Pu8YwIAAAFUUgAAAAVoAQcKAAKJNpkCuZcbaC-Ex17oxQn5Al5_Wkh5MxqW-PsZZatsPhq_RvuAetpCmdneYzvw5o0rxzwz6tXESn16C9vYKl5sySF_RhtPttpQ5zD8T5-k37wZqyuOUNp0NNrxWfXq6JvAiHiiyol0BPTznK9ZNGf-vbMjk72af0VewQ0KAHaiuqOVmkX4qu3Woeg9sHk3_KRxw5EQudF-Y0SkXOy8vKG2QFHxhpCxBVaU_hyNfrVcae9Dw8F1ZMxOlfLtS0zLco2oZdm7VpP6HLoss6GVwi02wKTmhAk3Vlw9gdhcHmuC3U7ArIIK50JYeBIV8OZRZ_SSq9--d-Ll87sLJ2cr0w4K6GrD9ytU5_nPtnjczb5jbjSSgZ4poelqlV9fIMUgcrsbgK_zr8CE-gudGVsp-D-bSS2ZW4ztz_nQZQgOwsmWKdlzwOg8APoCwiBtTpVVCjBbSExLkOFXew1H0GoBuT2kZ4fPW3mBrZVIfEevTuqA2Ubs1WHI-bH3P3ZCQZ3-Dma7fItuvyi5OXdSsoWc9F3p7IbsNVfl4GA_v4vHsIUOdHgheAOjAjfxHP1lSXogJ3MIjpg74Q_NL8IK8dJ4tchhtp7UTOLUjeoXJkMVRkaqZAZybRCReMbyy2ziU6WbW4Rn6WVL4316EtVQAMH0B6ThJ25p9y7CyA6z8YJQL2MjGydG-w9lKMV5HUhA9Dw0utpQ5Pruyn2O-aRjaW-BDEP1pW5TgJxWoOm5_iWFImor_SYiWa3smvZQ9gorGPO5nvc8SvJ9F2soOe97NOdfnBXQyIYVTZqHXFlKtVDBmd4I7LjWTmCzdfwmDcuJgqHLdgb2CujTBwiZodXU_1wWkZzGqPM-wdHX2kwy-TVpE7VfMMTUFuyH3Q7qnn_cP0lmDheHaozTBJhJ6g8yioq9jyAhGBnjQuZ_KPcpkcSnokc
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 68A2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
44277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:26:05 GMT
expires
Fri, 11 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame E8FB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUmIRGewR8GkQ1HootNU2Q&google_cver=1&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4YN_EYMuBJVrFCyLXvaxU-FY55jXPikYonuQirx9iXr&google_hm=-2HsBqsFYpG3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4YN_EYMuBJVrFCyLXvaxU-FY55jXPikYonuQirx9iXr&google_hm=-2HsBqsFYpG3LNkN0TiArw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Bnqa9CLycvZsdhg7qpf4hv6TS6dotRjIpx74_hOF_Rs-uuX9nZB4YN_EYMuBJVrFCyLXvaxU-FY55jXPikYonuQirx9iXr&google_hm=-2HsBqsFYpG3LNkN0TiArw
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame D779 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AdI8pxsfMoru93tDVmr5LSFSM0IkHWh1CXaPBFv_YodOTjSv3_J9X8p8YpCNQ7Nfmp7A6B6hw8fykJTU8zJBw-XvsMK3w&google_gid=CAESECZewzW-kdFjHmkGejJqJvc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame D779 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH42-S2n4-4jqYzc6RvW9S4&google_cver=1&google_push=AehlK4DTHe9e4uEEw1SM7RC3FnrzOTgRqFFjE2v-1K_OKnFyJn0-HZXoGkXPx70Vx_9INtmqJgzvSpdRwpN9T3Nw3Bu_OnO9rbc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
u8t0daohdt627j2mgbl1m6j412oaa1ai
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D779 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHj81avaMCn5IZ2OCgGOfDI&google_cver=1&google_push=AehlK4AT07eKJ4peGXD7jMKThdT2i2Pz2xu3rqb74Ejar9kPWhN_zD5F1DS-kbjTMzycmF5AFZa_8jXl1AInoEdK2LJwc93TJDeX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9w_mGwe5QdVYu5Sw87G0I&google_cver=1&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6a...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklIMDktSi00S1dG&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6aP8JMy4A_tvpQDC9XkJC11k5UH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklIMDktSi00S1dG&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6aP8JMy4A_tvpQDC9XkJC11k5UH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQWklIMDktSi00S1dG&google_push=AehlK4D03ODvaOybsjBj9OrEg5S3WwYHDU_bnb_FQeFmhqIelQvArkVuDtiFtV4JUYpH57m6b6aP8JMy4A_tvpQDC9XkJC11k5UH
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4AqufdTMyM48Im1sVAgCumqOkxDZsxFT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4AqufdTMyM48Im1sVAgCumqOkxDZsxFTmvO18M1mKzo7O9ixxkDfXSghDSy7bAznIM-5u4JhgtEqz8zFvM9lAkB1D2Ei7k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOCBFZBjmOfCmv9et4rIhNF17TkoL%2Bja2pUSxsPTcvQ7essa%2B8wDTkwOMP3Tl9YbGOCz19GKFX1Iu%2FVeg9N3z%2FcanszQKThhc1%2BDxq6sn4QqnXyykkZT%2BQRKZmadfraNTzl5H6J59xFHYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELf1ITfet1dn7EA3YNlnV2I&google_hm=YvXakKiDGI75kSTold2WjQAABHgAAAIB&google_nid=index&google_push=AehlK4AqufdTMyM48Im1sVAgCumqOkxDZsxFTmvO18M1mKzo7O9ixxkDfXSghDSy7bAznIM-5u4JhgtEqz8zFvM9lAkB1D2Ei7k
cache-control
no-cache
cf-ray
73968db5bbfd72f7-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame D779
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDTn3M2_hxS3E3PVK04r81Y&google_cver=1&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxF...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxFG-Tj4&google_hm=mB1xi_olTX2YG8cQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxFG-Tj4&google_hm=mB1xi_olTX2YG8cQtqyJdg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AehlK4Cyq4DAMUBrgczABYTOpAir-l-F9oEMKMi2iGxp04VDmYgZt6rgYfEL9AMKtgofmw7N8bKGwA-xcuvQDlPPr2MRxxFG-Tj4&google_hm=mB1xi_olTX2YG8cQtqyJdg
pragma
no-cache
date
Fri, 12 Aug 2022 04:44:02 GMT
cache-control
no-cache
content-length
0
request-time
2
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D779 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPF0Enj_2SLMUu8XEa-Iioo0Fy0_LjZxtrHAujkc1lcJqUOHS0_sCI0WE9d3WjDRtmgjqu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 51E5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF54 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CF5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24f8dcd7d7325228f8445b12572d027d0c54057c2a518030b4c83626141cef21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gdpcQcDL3p2YMWTdWVwFTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-gdpcQcDL3p2YMWTdWVwFTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:02 GMT
expires
Fri, 12 Aug 2022 04:44:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 68A2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9328 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1BCA 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06d06cc73e18eb26f24f33bd6c66f4901a08ff7c12c119338f20d24a40fcd872
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-odkA8HUI6ntlB4kkmUvCiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-odkA8HUI6ntlB4kkmUvCiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:02 GMT
expires
Fri, 12 Aug 2022 04:44:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
um
u-ams02.e-planning.net/ Frame 5213 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=43a10520d0702469&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D43a10520d0702469%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 12 Aug 2022 04:44:02 GMT
server
openresty
styles.css
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
491
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:48 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B546 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 04:44:02 GMT
main.js
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:48 GMT
styles.css
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		1 KB
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
495
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7F0B 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 04:44:02 GMT
main.js
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
1657637830060.css
s0.2mdn.net/sadbundle/10562741012611280829/ Frame DD8C 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270eaafe105c00067ea41fdb126bb391b1d3c647a9dc2866be1a0ca539d6733f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2354
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:05:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:06:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame DD8C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 07:12:48 GMT
1657637830060.js
s0.2mdn.net/sadbundle/10562741012611280829/ Frame DD8C 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:05:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:06:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7500 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEmsL99LnCHiftHJOGiBCrkgPiS1Sx-ehCX_cHF0FLUzesssTSGbZbXLN0n2TzaBRLcwzsHWdJyoF1lbRMFFntF47ym-jyENExK7m9cH5FJSM_LTsESc7IhD0icEM7Vn1UgrdFdmcnz4Hz&sai=AMfl-YR0ACi72ifH5sHjLY-2k7vIzY1ZwluSPaIL0L1TPWeOFSCRq-3CMpr7-MRu326pH0vDCM1Jswy02q0zSyUUzS9P3eQdPehHXtg&sig=Cg0ArKJSzDyIMxDGAl2sEAE&cid=CAASEuRoBZ5XTc4hrxTHZryz2UFiwg&id=lidar2&mcvt=1032&p=0,0,90,728&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1660279441044&rpt=881&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E7B 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCgoVkYoduQrQEwAQ&v=APEucNUcWc1qTZu7zxtqEyDANCg42MwLXGfz2oPx1Ys5ifrQB75Qe8lDdCGmUiQEBASAQlG65UD88fyS6VEEDXNsGM7SZHr5Gg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A448 		62 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
721f53266e5db5f999da58d4d77a0171169b23d3566c4d0a128996e86402a5d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31192
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A448 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:34:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A448 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A448 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:19 GMT
l
www.google.com/ads/measurement/ Frame A448 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5R3m_ikI5-PY9Ofa9L5xJh0uIqW8qLtNpDbkm-HhCBaCbledXB0aW66zXyYFDpDxiXO-421UEvm-LMpTOXXuCHDCSOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame A448 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGnHhHlTVpPg--e7P0QtuPZTCMpbaJujoBkOQLnWGytAQKSTsEXcsL2BfRGmXHhoclYB-97cxCi3eB20eGDujjgGA6usrNDjkMRCMHRsmrSX7Bbxs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame DB9D 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=43a10520d0702469&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D43a10520d0702469%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 12 Aug 2022 04:44:03 GMT
server
openresty
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=2581001340955888&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BCA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=1938943004259031&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
bg1.jpg
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/bg1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954557dd5c5519ab1fc213c8bb174ca27b75396c072a142fe06770b828f299b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37222
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
b1.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		454 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/b1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
h1.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/h1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13570
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
h2.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/h2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
h3.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/h3.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2211
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
cta.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
logo.png
s0.2mdn.net/sadbundle/1959314168492866429/ Frame B546 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1959314168492866429/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1660279441&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440821&bpp=3&bdt=626&idt=287&shv=r20220809&mjsv=m202208090101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=1055133219&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=914&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068911%2C31062930&oid=2&pvsid=1068919097747722&tmod=471124192&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nfvot6esipdg&fsb=1&dtd=298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1959314168492866429/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:55:49 GMT
x-content-type-options
nosniff
age
229694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:43:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:55:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 98AD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_ft-Vtw244JJKmG6Z2xAHF4ay1cwJLOqXK7qC3FKb2rG5SqAxhOQtYl_p13-5XUhTLBV1sqF-n9IWM9HQCnYocsXVouZuqbRZ9Y4bUbb69lOgC79jkgIgkkpFCvhL1QLZin70esw9drbOczuM-EFh3p-TxYnwPSv_yPI1_03J6qTf1GLAGcPYbXisoRWc0XnCmaqM8rDeVzf1JKjJGzbI6vw4XlkdYcD11PsnG380ca1OfN0EJqLcYmmbwM2TkYTTIOH8nJwSR4JMlfScmB4W6kVSHBcghthKNS-Kd8zVbqBFPxL1rDyh4KfVMjUlG-T53XVnRYTog4M9AZJT2qapOap9PSo5opXFZif43tMKh4Rf3sa9CGpoECQ91EJrBRJlXyvEAH4CunA_dDGBI8PRABGg5hN2m3XUN6h5-TiXdCHsHpG1n0ttBO8gcXsHsiQZQ4B88RXUYWAOhXGr_YXlLlh0HxwW5tDclUIhPcGJX8j3YSayJ_sgI6mNFvubhOVWTX0P4M__0cjbbC61vqGtplKZK9deOSG_zLkEsOFMKjq-jgUIIQddZrMc8i0DQehCSSEasNAtcHDbGxh20Zn9iPV_AFPREghUijczYUyxLxK3cb0ho5QyrEnkXPCU9iDGgXm7HPshEXB5hLEWuUtT95Mnjch-V-UFm0cimjl6gtRpthfCl3dKZPyLdovTXhRKiQG0O8gaCKIrBgsmRUKhzEZvvXvB6stCQ4TMozHOsbG8IBgJcUXLsUrGJQO7gmKDvuVXh3s-ecmE3vosnenFSDVaFgUWg3PCWaL5gan73WQCog37K70sqctUkzWWUQbf0mx6R3I_h1_-TzMO6lynxNsmjJoAMi1aeEwlK2WaNtC2gE0jMJAUbcA-2jKDm9VBoZU-stERse-aF0Y0iUaR5kfIS2gu7NgULe2_o4_aspJ49T_ly0u6_sGz_ArNQU-5K-tKDhKIJg4zrk6whlzsNYCmh7jEjKp6mo7NKfQXrO2HBbJXHJL4XUuFZb9al5VVNbsBo5K67NGNj8I_9aE3buBy5y6jyCmZ3xs-bOUXdVDFSxHhaxT_hfZKUzq0A-Z1k4o6lc3zBaezXFXcluiGGCz6iTMaTVAmhOnHVhBtxwB-L_65VElUOjFW-t06-XNK5earDLIYJcZwQvHOt0ZsBOSdaXYQUT7rMqnQb8625NzyHWVQUSiEOe-CQ68AQKVsujBCBQxkaNxj&sai=AMfl-YSvOjdP1Knlz2rqivZ15AOKFM5PVT9dhrlivNIkqjqAgvodN2oFvm9fjjKCsUYwPJd36wPRQqEq0tHlgEC2kycG18j7uhV76uy5UsGlocft4JeseJkRTI7sjNw5vN2Kc0ZLDH1Axx3nAHGe4ruRCWhasYIy7w&sig=Cg0ArKJSzMRPK-u2pwtsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1141&vt=11&dtpt=902&dett=3&cstd=237&cisv=r20220810.53194&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AC6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLy9_AGzCPvcL0Srb_XfvFT9oOGDpRWH7-guFsibHVaJ00zpi2S9oh6HL7-G3sbZkv_LfenN-YNqFgqw_JTt1ANj7tSIHYAQ3qtqmZqYL75A_dJB1-QRobhnTbCgUaKLzaJgsXWPDukSzh&sai=AMfl-YTGetGLO-9YyAwFaLgAWMaMWWUmVqh5UPv8kw_teL8KhPAFYahjPb592OvseMW3dGbNKS3Zrvyh-CMACXfcaCvg1bMA0ekeiVE&sig=Cg0ArKJSzOiKEwFUBrM8EAE&cid=CAASEuRoCanhGbYWkuvlOR3cS7g3Tg&id=lidar2&mcvt=1025&p=0,0,200,200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&rst=1660279441522&rpt=527&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame CF54 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 9328 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
logo.svg
s0.2mdn.net/sadbundle/10562741012611280829/ Frame DD8C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10562741012611280829/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1365
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 07:05:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:06:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame A448 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:25:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame A448 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 04:03:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A448 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5asmHWfgy5rkLyGly4PSkD06AJhYmxDG3JEuqnc2DltUHslvw2OMD_UZADXP9fVgWOHElBZxGijV3-yPGxB1Oj5B8ZvqC2MBxppsGS236ElsQoQmpU5UKch-L58wo3rnyQaAsnI-Th_IbFbj8pFK1fE01VIkCpBoP3e5_x09KWopoJCKFwim45MerD8MkJYPeGZTFASZwwYg5e9MHeWrnGh_NSpWZq8QXgDLgR47M0LfYqkByUvL-cROOZNsCOEpZ_ucmWqxGVVuAsiSKW6IEKQT5fC9AdBbFPJ-YZgROX7h5qdSKOuS_GsU9A1QDguOcxTuRSfUCbaXu5hrbHMK2sOD7snY9_I5w9r0c5RB_39JgwKEgSVWqJvMIBwd3fWIVcUTMCOiAU3KtcBXO8dUW2lVMkgDHtKfFKLk9Tezx-m5G2i48okRhLZEQlLyQSurXBuigXjQw1_cNbRGpI6I_KIRxU4QPFkHJDlw7-xPtCG73xYHm5CzGeTcPWV7tTeJzIayvdCoHnXmIvdTC8OcYGe888VDkKJm199l4itXbMtUpsItbUmqBgf7DiFXQQKSl1TNg7kHDbg0TtHse1SSCzdEUcVZiJP2ORdlGBCJt45BqdKPtYjoW6t_AL1wt5ta455zb0xrUVsKBD24Ke4Caj4MaapS9Pw459JuXS6f1MNBaTj3-iewQiqUBx1-LoK1eNov7JYi63t80M5Tx-hMQ-Tu0vus9eQVSXSk5KGm1NL63n6iye82ztbZD31UyUqEt1tJcpp5O27p9u2vuMOBnjtEg3ht1qT1xClwIfgdrh_757ibnf0yehw9Og7rXySP8EffvX_962PzgP1-MNk0ffEAUMrELPnSMlLrVJCXNWhRgEGyaZ0sRYNzQwMQX6JvaAp3ktu5TefZe7A2Pxk6dkVTIj4GK9ps60Is91-o2JGCmxQTgh_U5iz8AM2e41R2VcQ17axwiaJP-MwDfBod2Mc4kElGQv5gdSsyS1n1HLpDUymCWtxWlyygOwsT6jf4h-RlODPNXTXGUwRo-z_wb1Wzpzdy5Xhy69mFig8OsyGX5GlIqzeDDf4CavUO7nYnVKZTaUxxcOBp8ZdxZxXFUdw6uLDW1vzdjdq1Orj-AsozEGGNZeppMF53aWl4tPahqeRYkNeeSCFQDirWIfw&sai=AMfl-YQNoHjHHgkzuQ7TokcLuKrucbp0ZY06Ji9N-1DvGj7MtO9NCUSa5SGa6PTrgn_D0xEGkIFgaJPWaUT5GvdDey-WSkFpeIt5QCOrMVMRa_Ui21mzwOGnXlp2kdqvbAbCMZgMj4DAfe7oDatUkiszoGVFUMIwNQ&sig=Cg0ArKJSzMFcMicgkXLaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220810.81468&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 04:44:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A448 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 16:26:05 GMT
1128928205684729030
s0.2mdn.net/simgad/ Frame A448 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1128928205684729030
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820292&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279441768&bpp=5&bdt=108&idt=211&shv=r20220809&mjsv=m202208080101&ptt=5&saldr=sa&correlator=7012374508926&frm=8&ife=1&pv=2&ga_vid=512157470.1660279442&ga_sid=1660279442&ga_hid=1939227915&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=450867083&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31064018&oid=2&pvsid=1101300467501551&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.xk6nio62alsx&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffbc795fbfe6190d6dcaeca72aa7c7c7c930425662d58d4adbbd337f3090680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 09:22:54 GMT
x-content-type-options
nosniff
age
588069
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68219
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 07:59:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 09:22:54 GMT
bg1.jpg
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/bg1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d67f80416350b30b9f1d9412eee88b02f069c31d778c0861f0721f7c28f5a3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20656
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
b1.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		421 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/b1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
421
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
h1.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/h1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1964
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
h2.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/h2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3522
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
h3.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/h3.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2383
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
cta.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
logo.png
s0.2mdn.net/sadbundle/17540355389342664024/ Frame 7F0B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17540355389342664024/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1660279441&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1660279440592&bpp=4&bdt=1010&idt=435&shv=r20220809&mjsv=m202208080101&ptt=9&saldr=aa&correlator=7089674479857&frm=23&ife=5&pv=1&ga_vid=2117477704.1660279439&ga_sid=1660279439&ga_hid=377329752&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531514&oid=2&pvsid=2828283966670232&tmod=1092595463&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.tx2bxs9y3cti&fsb=1&dtd=451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17540355389342664024/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:56:57 GMT
x-content-type-options
nosniff
age
229626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2971
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 12:44:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:56:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7500 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJrpr-cmliQ5qZWt5Vz0B1ij5ojyH0gO5J9XsqSvGq4DuobdNv88AxeMQpjpmHVoN8Myg1kyXJpneibWQQrP1hc6dw597v1E08CRMi7IGUMU1ZedkKO-aTnFX7PcDxE4fVg2r0b4CLUp3xZCW44MXOh1IJvaLO9f8ErJaEGsX-tExwLEYifXWjlWtjiZdl7ZFnselR4CRH3xpg-S3AuztarpLyzGLKwVk_JswRN7yMeEPSwCMOsxBFjqynhWNh2LBSVyo6btC5BMGR6DvWab8Ha5og6CIrO_kSRf9BOc8r-9_R_3tMVR-xi8QHPoc20gAmm58LLLVVhT4ooqVPlV7i21wd53kT8qYzm6zN436FbeWLOJV5d2DVtwXnupBAKDxewpxD1uxfdrFWV8K9uNWAWP1cbORoayKNr79jfP9lSy77I4VvT43zK3oEgDMgKCL08x_VUQS03o4FtOedORapjuTFJlAtU2qIabClic-VDs0XapA4NhyNnfZ30VTdKfoUWJmIgilqMyWJbQekve1hUZtBOPcfeeR8dM6VxgPIk5zLCl_Bn53c2Wz6bDwquS_VxM2korkSyYlzRtwg2a4ua8f-IAy2k-EZopsi-NYxseXQdsNC8UcIwfdIfno_B_1MD9v20SWTaw4-NjIvpXTKLWFa106kRPWeZ3L8L5Plyv2VrM1KZbSCmgdsRqUY2M1FT_GQk2cg73NdZJlpi1tKEMlZHOkJOu1k-VtUzYR87vy-QhDwuIqTwSafe8l_V_-WmsQhf0XsmlAkBw_jxFXN07VDu974Grp1ZKZ4imWEeb-z0PqLzvgHzdGJ9vUu1gDRDMt4OtVZMaZPgSSPfPIQ08IHv9LLfHrLiAUAfk-60J1eMxHtfCojrJX2E-SML8J0FGG4rienno8lBB7FM3WPsxOloXXVIA4GiAiOC1tive-3Pxa8AqdVia7cxkUxPjOgthswiVDXIi03_AatNjXQJjjkcy6PdtTQNllxhDk_ge169B6Bzu2mR3wbJKzyH5xvQjHmv0NAz7kBPf8Pary4CK3sUv_Ox2IDvMfxAoEHoAmWJZxM0IFy8NAP1DTxBOtzmlaPr8hJmrQbNFpRzWKtYoA6d_93tj5k_e4rHiUOSdwWUGUPr2jWe5BoTig05eqnptZTQxvl5d4ovE20tYuss1voyQHGPvDDxjyWIPOsmZYHFHAf7tXHfX2SeI1976oE2dT3yGcO109O&sai=AMfl-YRhYCAeuisEWKjynUC7k55mcsxUK74WLyvku3Dl2gkm5LivOqP9UtNqlJRYk2gue_lp3DZAy14iiG9-kYV2E1JyI5hZX6G8wz0KPVIATLrF5gpu595-5Aiw5OXiE0ScUaVTgCd3XS4WpVlJXR8FbPGxg5XYzQ&sig=Cg0ArKJSzIU6PLVWgTSpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1497&vt=11&dtpt=1154&dett=3&cstd=341&cisv=r20220810.33726&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 3AC6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1JQLvMHJGsxG9LGA8javN4pXZ4RYhSNHT2vUS_S_Am7Q5c-hrgQ-ffWaHkj4Cm4t3ibK9GIo_p3vGb5sCaRD6aSmVx2CAIEFfhFtUAtORYxBvVisu9zmdCI8BbUZ3JiH1aFILojrrsuoMoABUCZAoNt2lQnm6C9jiuBrPdVdr0VWhjyUJLjnTHZR12Hxa4LC91VQKZq3VHJOkxsbcs1YaeEBv57EwJKNGrNsYVlwce2-VhJjsi_E3Jkb9QDWBMDuG3_FdVH91aVCuMFc4ELXBT1QIfNSHmO2gAAIn648zgpuuE8jXblqpwxqxmOk7o8AvNmZRSfA2IciryVdnsQJG4Elp3xwW0GOnGPtfZ-20Z82lo5yojsASksUiEYfBSXRx8NzCzTSYnVrU8gXD3BC056H8tW-GSi9mPgM2j-fv34gBcMnSrIA_i5Tg4_MBNUHCPw1VBuwVNYJ2wiXq92viRyJyMZJ8EfOK2menUp5MRzxi_Lyqb4az2uZl4V4ZvoyW8s0QxoxSh87wtE4jCjgr0qYs7CAQJSyNGYE0aIMiED0rEemumsZ7LWocBLA2XXBQergxBVDlmNKel7K-4-oc5K22_zV7iAjBNcP-H6pMS5NHgWJlwM5tEyTxLe6jV4cS5feJ4DGt2l0n002jt9b3FqJRidhgSANysWN6zGS_aN3geT9WA_ctukFI95DFW0g8Yz2kHcAwZIIbLGcbUChP7Y99r_9rC5Pgjq888gMmf172QX5x5Xh-tvDBi76oF3c6UdWQHyaUsZXZmrIxyjEhUGsQNQcbZgj_CGyc7_84fPvsxQe-hy3CslhE_adZYfee-H3gxSPqvdjy5njn10TwqHHOT6q3kpi5iLyP5pBeJkECAjt4FtJRU8imW8tHAN_fEBwUoEeWjwJJoczBC80P_kBaLylQGgeYQfCUlLYue_mR0SkAls2fLPtgHUS2vg-HS9NROic8CICq3GusH8jgvN8Z7KqD7pudlrChcWA9QPuplVQJ_JX3_XMpLnOIIAT9oE3VO7sCM7VYlcLLwYYTzKMYS_IzGUu56LqV-zv3ha7Bqf12-46cyjIe5SEn5On1NmFvldLtb9FzeD9vnLJ0M5J10bOyohzl9Xs218N2CAjk5tsWqXFz1cPItgvp9SYNmhshuBXbOpzCuVux0nOiEPeXT9vmxEXTC88hWiWzWR0nrBtQLlOiP62jWV9sZ6kGvXS8FPo&sai=AMfl-YRp80SuRn9g9ylXscFdOYVaZL73re3mlAOk77dOFWGzLceDT2O4P0loeeCGq20pjJiXzBxvS15IfefYxnXshJGzp5lyExqNRqrbOd3tvqJGGAUs7r9HnNMCRBigafs0-viWHJttKvgux-MgrrtuBYMMB1Tf6g&sig=Cg0ArKJSzKn_CXROJ9mAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1572&vt=11&dtpt=1200&dett=3&cstd=368&cisv=r20220810.88626&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame DD8C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 09:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 09:10:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DD8C 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ba7e4af560c71d954998f6ca1ddc0e8adff8e443eaf5ce88fbe8bef84ac08b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5519
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A448 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5asmHWfgy5rkLyGly4PSkD06AJhYmxDG3JEuqnc2DltUHslvw2OMD_UZADXP9fVgWOHElBZxGijV3-yPGxB1Oj5B8ZvqC2MBxppsGS236ElsQoQmpU5UKch-L58wo3rnyQaAsnI-Th_IbFbj8pFK1fE01VIkCpBoP3e5_x09KWopoJCKFwim45MerD8MkJYPeGZTFASZwwYg5e9MHeWrnGh_NSpWZq8QXgDLgR47M0LfYqkByUvL-cROOZNsCOEpZ_ucmWqxGVVuAsiSKW6IEKQT5fC9AdBbFPJ-YZgROX7h5qdSKOuS_GsU9A1QDguOcxTuRSfUCbaXu5hrbHMK2sOD7snY9_I5w9r0c5RB_39JgwKEgSVWqJvMIBwd3fWIVcUTMCOiAU3KtcBXO8dUW2lVMkgDHtKfFKLk9Tezx-m5G2i48okRhLZEQlLyQSurXBuigXjQw1_cNbRGpI6I_KIRxU4QPFkHJDlw7-xPtCG73xYHm5CzGeTcPWV7tTeJzIayvdCoHnXmIvdTC8OcYGe888VDkKJm199l4itXbMtUpsItbUmqBgf7DiFXQQKSl1TNg7kHDbg0TtHse1SSCzdEUcVZiJP2ORdlGBCJt45BqdKPtYjoW6t_AL1wt5ta455zb0xrUVsKBD24Ke4Caj4MaapS9Pw459JuXS6f1MNBaTj3-iewQiqUBx1-LoK1eNov7JYi63t80M5Tx-hMQ-Tu0vus9eQVSXSk5KGm1NL63n6iye82ztbZD31UyUqEt1tJcpp5O27p9u2vuMOBnjtEg3ht1qT1xClwIfgdrh_757ibnf0yehw9Og7rXySP8EffvX_962PzgP1-MNk0ffEAUMrELPnSMlLrVJCXNWhRgEGyaZ0sRYNzQwMQX6JvaAp3ktu5TefZe7A2Pxk6dkVTIj4GK9ps60Is91-o2JGCmxQTgh_U5iz8AM2e41R2VcQ17axwiaJP-MwDfBod2Mc4kElGQv5gdSsyS1n1HLpDUymCWtxWlyygOwsT6jf4h-RlODPNXTXGUwRo-z_wb1Wzpzdy5Xhy69mFig8OsyGX5GlIqzeDDf4CavUO7nYnVKZTaUxxcOBp8ZdxZxXFUdw6uLDW1vzdjdq1Orj-AsozEGGNZeppMF53aWl4tPahqeRYkNeeSCFQDirWIfw&sai=AMfl-YQNoHjHHgkzuQ7TokcLuKrucbp0ZY06Ji9N-1DvGj7MtO9NCUSa5SGa6PTrgn_D0xEGkIFgaJPWaUT5GvdDey-WSkFpeIt5QCOrMVMRa_Ui21mzwOGnXlp2kdqvbAbCMZgMj4DAfe7oDatUkiszoGVFUMIwNQ&sig=Cg0ArKJSzMFcMicgkXLaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&vt=11&dtpt=150&dett=2&cstd=0&cisv=r20220810.81468&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjTIP81iiS_TcbxAE1QJWmC0zh4jNZOnxp1caKulNwq-YiKc--4jKFN689p9lv_MzCIr7dng70tvqDe8FbnXF9zCu_Rt5jnHDM76klklZnBdPgAVXtx3l92OXCeG-guUKUuVtihOQYkuIJJwuN-oXR6gOHUA&cry=1&dbm_d=AKAmf-DqUSElatQF04SSpYDBDVGYQp1FhHFVdzvSzuY3u3QWOZaNDdjp5N8lj2-rH32Q4SIP5nLnAd_xJROOddbLPOCL5WzZ8NVEVyfUQen64FBA_3IuQvMgn6c3Ozo3cjw1xE1D6hH7Oggv_sVMpcJzyGXWFtGNwbiJ-ZW-Icyk2GkwZn-19YnvRXN7zE1HOyLVexYZEzbgKpfF-L8V6Vziiu9aOWpfPZYjklNpWsLhbC9wsCJ_Plob_jdde89-eYhRaUzrZ4okqV7TqQD3UVMjspCkrvhr8aEKTZCcV7ILxpr1mf7IdpD6LbsNyhXbd9R2hjSs9v4sgdyfFcZW0IN7MYZQlvEmK4REh8jCpuARSltHV_wyonx3dDUpssNfeG1bDFDibqnvhYmCM7EJ9_o9jDerdqHPnTO3C_lJKQ1AvVp-Ar_ekLcuw0mgp5Qvw2i0zCHE3wdAJScP47BIYxYkMz3qLkiJ9Yg8wOJhWHkxB4gV9k1_MtuvE4ix9HF6MX_YNYcJ_udeH7-C7f6OdJtXFcA4uS6rR9cMAo-isCRGE_lGY0jSw_VbMdFRDARsutQM6QiyVS2o3SLVUH8hqhZxGYm9pb8aMTHyLWkuRKfYlroQ-ukSpjhJskRni6em3ocM9YKzF6-sdX00dQ1geFt3Jsx1FWqyZAymRFORVwvAi-hXfLQrUM9z6j8YTZoe3q55f4B3lSzD-urhW1wiQVOpND8WrgdlyS3xQBs370fz53P5ptRCd33laJgxwSC8GIF0suTd75EK4pQNEuyEISZgUKPtw_8gOg2uT62iZONxQV11TNq6WXg8MBHrAz7PQDyAWlsA7hkrt-8TDOXppo-sPryj6cX3psztARi7Th0weyI0YpZC15EsdWVSSBq4AosX9_xFWS_TD4dg5dV6WuT-YJmuKKwLflODKEdZVnAh5H4a09TRhRSSSRZruofh2WmMrp5D55LoAbrCYNQEJ-C1fVB-mBmOZKBG7E3Pv0aNhRJ0vSaC6JcrmSNaLb6QffUqOD4bRxcxzUVoAAdXpY-oBsM7qe3idRC4kI_leaSgwSnik-W2GCZQV_CqeWWkID_t-5lj8ANOYJFz6G9kBt0I0DjtT1one5q92XSUU7PwEVpfWOCA8m1QL5Q1qh_mg1gFfOHK4hmLzBqlsCzHZ__G9lsJnAf-kKi6YNjaeW0h37IsbSPdey9ISbhzBpG7F0FEru0GRKpdyP6NZ45kJK6ABpa2smcgivd3JLlw3PY9TmzBm9MJT3u_u-dMQ_6fdxxN-k2ooGtkvH2HpDoQ7drE9wHCblIPgk9HD_O039hTLrWCzxouoEjHWFMJe7iGlG9XWeqpXHPvcCrVnf6DK9sjnRspei3LxqXUaOUvgfokBqUK9Jm4UJlmiurQjMgIJh1sFbR-mKlbxuU_oxkFRIzWgqWt6J8Oix5To0Tcw4frNijCO9NXOPkpnJrzaT0BqNB8EC3KQTp-4295bzO_UQdyokKN_WQ8RQ0Ifl570rlZejEbxYWQwz762afPJ4bzmtWZBguCRxTVmdLjYNPyZ-I5RnEgh_KysREr3IIda9NUppKQVwPRkFRdFAHZK4f-NEi9WIi9ibkOi4WQ7ddVpPsFQXLuk-Sdb13FNXyLWtxjcBJJXdNNy8Bh6WJtzY3gRkaOcMf25-HiwF1-W9lLlAAlwcliKsQVO2PyRT-7VdfU3R-Z2FhDthGpsAX5Q_t83ioKe3puqgEeh_5kjy8BihtYYxyVsRwOKlVWCi5SspGfHtSfUDJ_BgW8CHM6F9sxRvn_opK6MPmesyQH1CoNaeJ46MX7YvTN5k3JC-0TdRBbsRjF2_5hIxkraBCSDYLb9f_R1Z-Q9OHHPwOgKnakjqlAFQEhTKH7-jtv1_0fFLay0vkqCMV2qFCjd_VkRPUQRK2ahk3uYqnGgpKacyReHG3hEXOaS4Zi5pFYgV_RlK4Zcd8NPp-eQ3mV7ECoGdZXKGQKq8-9xJWZqeEcozT5zeMYp8DY8e5MQLOO87WWei_JPPhb8j0qoiA_YoUnrOAO1L-OHuVExbPLYQo1qp2cWFRM9CREuBkCcUTWJM3-gtNQxeBKH7j4w9FquiOQgRLiXiDGhOh_tJ7xE5ca4L4CHGVkqBuDqiVTHjDZiVYvPAaNmuXaQdF1Qsvj6zvzfMrUlIdUOLN_4Ttt29BxcE90zLQaqJLs_lj2Pz8C-Xso4gw9ixrJ8paAlgKfKs_s5bcqz93LOpZ5ac5zTterAi_19fY-i8I3ILrQMaeK4oif-Xwhc_EsjBvcUmVNl1xtR5KZdwZpse-_-u8Jc2ut9wJYdCCTTQQc1hlTLLzXGrRanZze3jxrWmYPOoscEiKrvM5Jt8iCTXoL9hotP3cIirOFhxsEnBq8A1Gb51Uw3jB4EVx52xOWirrmQf1zb_-eUV7N1IAfzA_AEJDYZ-Sg0LH8CefG-zcTpPnFIGTCSFDfZYMk5DNIPHAp2Him8tgzUOgwT_oKP7kA_XNbOEtvozQ9860Hmrz7cx3C5UPfJmjUXJw01dd1WCaBc6zmdb2KNKBxVKUzSgfA3F1-RBZnvZKXLn2YvZuBHDWQxKcKdzwGPpTmkuXgYt9ilCmmZBLx1oQsS4071A3PsEL3XBLrq2CuK55qeGv3GTIowRByZqrQF5Xx5UsG-rTEHjEHSKP6uDGA_UZBVBULLp_bnkiKZce7P5RUUCiE8hF3A1BjMRa0wc95u-aDAkRtA6RY7WpoQH8246uKFVLz6suHyFUu-hGi_2ULN-El7ZqfDSEYjW4FJTQFeV1zWg0kd_w0jNocTCtxb3PZTTi53WcSwh9M28uXdaJE18RyQXdVCevSdL3YsUq6zcxx7hy6nrbL-0I6yZxfgaH65fEwh7YKRThWhhoJoPPcQ7caXq0cMoXHHdFY9BKnkSPiXa0S_qvHxNAlRoDJCqcyIdKJ1nDY1BK0fVd0fEaloDC4BEV6cNPVpBO-90keRd8p08bQoY0dWl-jpCr6ieKx4kgrVw0X06i_H965rnXnd2WbhJm1ytJ8vB19G7E48IugbU44GAy9Tu51VQUvyP84H-DGTAlLqqck7BTIhxriyx_IB2CZnoOfmbh2ph2Lkm3rau040xQREBzOjcRSnZ-idOoYyszL8eHoc4naGGFgZEATMkpXopjawTtOD2ZfUJcvE4mxixWeYfqViloJKtpg0rL95Sp_3ViTtygdt7GF9u_35R4MNxsGHSZlMjSK1RVBGsBH7j8HfZ15hyOdlYKL5SbNoJxdvpNlF228BSAKqf-uwMSbICZ5l4kGnk_zRy0g2STWuoVDICmuqpYTI_SG_rgQemuZRWHPz3kiCDaxzbAmsc9Srg&cid=CAASEuRoWG6bghlOciiMvikgEpymyA&rfl=4%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2C%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame A448 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec14f131fcff30ac56fe806683440afef4a577c2bb096f74aefc14c42912b652

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8FB 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu5S8kdr1YsaaIvCB7_UP9a6PuAgAAAAAOAHgBAI&bg=!lpWlldHNAAa4hXTbmIU7ACkAdvg8Wl-b_-1wfc3ktpm3DyREsKT0KSyraCRDJUTsxTMJTq-f5dJpwQIAAAF5UgAAAAJoAQeZAuLYrMPwx3mR8w9HZcto-xHqGx-0uPvORgXphytmPibQ4gjniQtbp2dwqSb_sZzgnppcT47xvPb9uXbqeR5F0lTGRkRvSLayJIVX1NHhEn4R8y59fZm1JEbZl5uHqGHJcL3dGWTK3C3mBu6HzCcp7-ywWeE51rotQulS26R17AYlSTzPiSMwc2qBx8foJg7Y1jFCLc0Dkng1s9VCIWh4PNRUD_YBmdODcxtyPeDhQh62n3ZG3PsJoC9xk9vE1eByMoRbreTjdvI0INfm2khNBkmwPQf361eR2txBVVAitgdGC56UpYAzwz63RBnsbtrgrGgUHR6EhkQJF0EsohmH2hm6K0u1jUxaMuE1nPNzNHBOKoPzAV9NAp0bs0SSIA55Z5i8KhjyWZKcxvLUlTJ9GcDl_riGVkZ3d8U59r0uVOK_vDlO7I7ma6_kvlB36oat3tBxcF45MIRE5ZcoRJK8Vsc1v2gTjw32EpDfuCHT4SEj0sx5zDMj0YtRG_9frFbLwB19GiFuH0CA1rdjGoeI9pcSowyhaJ1oA9SRXtLlgJtHbbioBzdrT8ZwFuaoGj5vQTAp4MMTNjiW2A9ynr_is8DcoX4TTCh_pjdVsrBmgB6aatq_isKJwEinzNSWmwsXPbh_7ujGj4fxLglM3eu2OrT7PbDMx_y7HXV3VgeQrRBcssdaz_qrpk3y-_c_-I1vsH4TFrA9PvPmwG9JFNtefuO0kDberedBqgIBNasacmDYFLnRULOVdyCk19hnarhAkqMXxmsyYB06LsP1OjhxTvP6TV9pHTrSSAhZPAaWa53695r2RD3ipuk7Ooruc57BOJ40ioSZhQ_fI2MdSaDpZwDV_-9DOyd0QuhSwhEAl7bfSqDrb3dG7i8e94fi_gw5rGWLCQWF518Mdrre3c0jm4Pk1Jy-wMvY_JawOShPrPN525uGVqUKF8nGS5g8eWzjtpTRWw9LGeLn6V48tkKC7WSQfCM
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB34 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
44278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 16:26:05 GMT
expires
Fri, 11 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68A2 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY1dHkdr1YtrtLvGL7_UP0Z-36AEAAAAAOAHgBAI&bg=!v7ylvPjNAAa4hXTbmIU7ACkAdvg8WuM0_Vz60vAZ3Mf4mvl0g06nGg_v6cpIHdj4oxiKyXpiB3EICQIAAAFIUgAAAAJoAQcKAE5ey5z3fOjIJEkcVU5yutrQr5u8I8F6AtUuyaDi3vodPhCnIQY2YKpJqcEweYIubz_5jkBRWu-AxItITGXUlgSroK05dSRvy6MYVUns1waZAulZsC6zISIbOA4xTHZlokeS8N9wO63Y4wxhcnH1JPcOrsglVQc5KDQo7ObZBgS1f5qJXx1YEP_9fMtMHNkgbKe_FSdjxYYwmhUeSTWhPsx8PbFrPVYrwk30aYUQjW_GNK0mwcpRz9n7coY5CKF2wzU-zeM2LIVMkmp7AZAKgXuwQUJYOlusRH2tNTx2xK0UwzvjRaIirTE6RxgXVFYGRtEYv3jeqt4Nl9XxacppT2GEDeMy-k0n0_hDEaYWsDZKsRKyAR-msOCsaDskSaIF0m367P73biCxVkXhxiw2amdOgkC8AT3LHD6_hwowgREeitCrJ6X2wj5u5bC5Sr9s9NFM4i9LyXuE5MHBDpDcODEqLDAYeZpFJjhqALTeIXWXcjize1cw-mO8_0Q8qzFeGqORAjzJgy-8nDMEQhH_w40yEsvtedOiVUPd7ZyTuuM5nLOgO39_8Ln_CXlYe7xMkhMhXCqf5mIyaXaEjUFjXFsdTUSDXAfKSdeVHxBdZ8OOkW48d9A8dvdhu3jHPDzlEh4ncbe1IGRpX5LpAfZyW8C-05TTGTCqR9WvB9IjWRdD29m0jV3Zr3jig9fIWTBS09o8jYznCmZqVr05V1pUiN0k5QVbLFYIDL9bYCMsqD8IhtDzgW5SFqGUylvC1pLU-F9CgrDG-7nBwGvY0mi5XdGafawD5OpAi44hyITSCOPffSM5yaitTaYblRT8pMDVso8Y0rGCk28HqqRz_zXZyPWqOyiMmOKkhXKSTTfFg3MuDD_Y0FqgIzTv8A4A5xLdefhOT0UCuktDuscOeV_OasdVJwmlnJFuBeELS7WgJJUg3j-XkcoNs3Ya1tLz_LDiD1GHPLDQ2soFi4s1vl6fhRtGNoj_g_BVW_Ew4tkMuF5g6tzabcyoQKETl1DrA8Vgk3tlyJdciYUQiXAF_vu7_IORFt1OnGYE7rWeKfL-qaubKW9AZJVlIU3q8ksbsTvFfKqGsH3gNTzg2SDm
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E5 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqNNTkdr1Yt7zIpSB9u8P7aGbqA0AAAAAOAHgBAI&bg=!3N-l35vNAAa4hXTbmIU7ACkAdvg8WsV5DcVO0nW0R3Al_lQUwfFZDW2OVfYKddNjbC3Dx5HC18SXuQIAAAFlUgAAAAJoAQeZAv-1tGCpUcbA5kcvFxf777-K8J_-4dp29kt_8xDLWfdCy0ySZz4mIieqdJi5wIuRvoQsKKHhgdIDBujZuzcr7NKrRN9F_5igXvnmvgwRKeOarnYJYZeGF2iVq3Fc7dl8GdElOPm7af8xW4gm4CJlH1zJaXfDaScaiFDDw3reRufeyJA2CHUdOTw47NSFCkb-GS9q1v1ZAUQeyu_Upmc2uYOV6G_VpX8BOfnqi-rbzWS_mS5BZrUd8_d1JH_x4m8xHV9v_soMGRb7BVvkCDJ14htBg7j2INk2qEc5m6I0iyGHi_KmgOiOxzyJQmIWB6NhFFEbLHeIWg7C8P-qYC_PINQZFiXGxkQ9xA0mZ1mghirT5XJEfDw0HWH3mYwwJcnrWEULQwE8dxEG8EYFp4Gx0NvuR0_b57WcAc5LfmCSwbwp_3w8DFEiwZpJbHZmzbZNiEl66gEq65GwHmC8cEjQnuNw4DHJrl89uzAFsRtN62oNgLep496zI7F2DxeFw9l5ibdlScNmXxp3gEqGqp1SxYs8dnxhMVkAH2-gl3b-MVlELtGBbUh56Oqx_Kri5RuyGIMQVJXJlQaJERWc3nyXUwLBTlt_PC5vEXP_X57ngBqqCiNbEUhAZSFBGfQRdXlh9O1RE5PAISFLTRsi6PwNBvk41xT8kUuJN_WuQoo7D5bEyBaqsUffY5on5gMrOanR-TCzchGnfMcuEh1EIrxuqUcr-CFKsZGMvQRNNNpo4mGlJ02YMN_SVtigdfvNURT1yNoO1PNKsU38y_XdUJCNUXHV3Fkxwm0aFQXmNZmx4nT0oWNVdo8wNrw4tNDROJGDA8tpzJrY2bLFW6cuYuWyNoPvN-m_OOInu03WQo3jP2aX_dhLkVl9Q2mY8wS9fkmv2ODaKWigg8yTuG3kgib0xxJCkOrLesU2qboU7Ajp-QWyUEI_CnUTePF3ti3mtKrbUahnQQvfbs_XuNlL6YO8_nbdkjkbYfhuWkRlLRmaGJym8NNJH_mgJj01DpojxhWsZQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DD8C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:03 GMT
generate_204
tpc.googlesyndication.com/ Frame CF54 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g0gSLw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 9328 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wfsiCw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 369C 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e0c2ede5200dec66bd90df0038c33125eb91b3096b1e068e4e10b888a72a1ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11003
x-xss-protection
0
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame EB34 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame B0CE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame DD8C 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:37:05 GMT
x-content-type-options
nosniff
age
418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 04:52:05 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame DD8C 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/1657637830060.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:42:03 GMT
x-content-type-options
nosniff
age
120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 04:57:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 369C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 04:44:03 GMT
lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
s0.2mdn.net/4528404/ Frame DD8C 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:25:21 GMT
x-content-type-options
nosniff
age
69522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94148
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 09:25:21 GMT
m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame DD8C 		157 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 14:48:02 GMT
x-content-type-options
nosniff
age
50161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:08:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 14:48:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C756 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
39013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:53:50 GMT
expires
Fri, 11 Aug 2023 17:53:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE81 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a5d45c532560cf4f92f5c08ff431a07683167ff8e62b50408f79fff5b34bcc7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eDOn3U6sh3ibmk0YN7tNnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-eDOn3U6sh3ibmk0YN7tNnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:44:03 GMT
expires
Fri, 12 Aug 2022 04:44:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB34 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoPLmk9r1YqPPA4uwgQfUwp_oAQAAAAA4AeAEAg&bg=!AQKlAkbNAAa4hXTbmIU7ACkAdvg8Wkd8tmFXLFvakCHrFQZEby3xICoVqeSr_jWcy0egJZ_KCdZukgIAAACRUgAAAANoAQcKAEYjYnv1JsE0RW72iCmOE58DIxzCH5gjU1QwJIhrbysuZ4D65SOTAu0gOKuF1MQHAyVAi-ZgfhDbJK76fUklhh1M3woixi-ImQMWir1NCirNDpCAEgHPscdsgwyas_APl2gmIF1vN4QRxZplBTv_Mald7ezE9RqEycwkUoEoYZawy4Qm93-gVMCv1QKQrw0BORVmpRSB_UyK-k6sK--ACnGqFMIT3bAGOr3rMw5Li_HI1wlHXDDIePOeD_uHt1KZ1bIZ561UKAKgF7kNKk5cdwRlVOTGdTo9LqVW5e8x5Jp-WRqMXs3B_0pCjyhKZ-1YjKvniNl4KCptUd64xFrwXFC7R9yA5Ht8aaSEs66GAHYO7v6SWMNhXMqlDRvcr5AqZewnSHdC8rLQV2VEQOBsIAif6ncBwiWyFwXJqXFPr3ickN9H_f1DwQz5GrTuaJQCRf-zMwG9v4si9efhxw5FhqWAVAF4XuPatSC0PnYsJ2-XDcZ-jp7ligaOnSFEs5iw0Y8N0W0m7g3XnmNIVygZ9sCg1zSO4L5UsSAwSTL97usImhRC-nOyiHQ6_iZi8bqKF0U9FDyrxkyt4D5T86h8Mjf9H7ldKDWdS-WLxnQmFO_YSg9SU7K1EXo9XLAh1hFrJLcyf1XDjKC7CChLQmCOCw14h8Ubjh06Uzlkd1089QjyqnxGnZjCHqfykxlwG6X8NaC92Zx4Qt4eN8EYW_aDIpmnlz94HyA92e6IjvdO-H-NJ09Tn_uznPrPi10PgTVXD1jPVFr5rnue4bsDKUQx64q3D0ImszRxv9iMeb9ECe8qCZ-b_3uEzc1Pd75AoSzmEohDlZZIX5ypjmMGQVzkXdBxM4Z7iDrzBCipWQrRtaSWWSAkhL97Nnbfe7x27a4uvP5EGQHOX9FL_yv3OEhkas8aAXDxdIYBP9TgZvNWs_OpRzPF1daKU_SFu-gvZG-muR_pcTiqlIh6NUKAja8BK2ziho5heF1evg-IbBBjR_U_3rx1-yonNwgBdFc37ANTZMxkddj5KRUTV7z8qr_Bt7_ETEzfO-7FAz7xJkSMIVTE-4RLbOE_cFznmz9IcnKAII75KOl82xUN3F4aa7IdX1lagdJ4RZUJnYmrg9tJaQgd4Sa1TrV7_dC-L4etQn6QGg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
s0.2mdn.net/4528404/ Frame DD8C 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/lquadratisch_congstar-xc0fc584a-f12e-4904-809b-d9dfdb018f3f.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:25:21 GMT
x-content-type-options
nosniff
age
69522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94148
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 07:12:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 09:25:21 GMT
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame C756 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
248601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:40:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AE81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220809&jk=1101300467501551&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C756 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r40r0g
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:44:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D1D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=2581001340955888&bg=!KyilKGzNAAa4hXTbmIU7ACkAdvg8Wgdn4K2UGK8k64km2sT3elKbjA6meZmbrV-LqgDiw02TWKSOmAIAAADDUgAAAANoAQeZAsS3cZRsd06XjYwna8A-NYtVljYlPAZfx3W-GIWexlfDQZpppAFKqajwQcmablrhsP4-9e1glG7onFXRwtUYyINKXgRekH7YuVhnr3iUUisDgvVQwpFOx20rUnm3fB3nN_1Bx9yggTNw4Q6u3BpS03ozT3P_ZPNkQv7mUloxi-CKI44n6bnHFX2iPX6s1o_p5dL8CkfcpZK2N5uEofYGoCaS6DWWHTPlcd-NMZmcuM8fheo0ZqChjKmqfiisA5PVerMV_Sqh5ZX_SDXSAJ6VqGbHIno_LbvYf1R56MWrw2WyLS6m3f-zSYlZ_Y7-J2Xe2AVISAwQxRqJRR7MsqLVtl3Ys9ZIwcCgvJ1MdoaFkqNSPECOJKVH--MDE5iFTvVD9_Dzt6RxaLtYuD1Fg8E6EVarquw6lF5HqIQ_ZLCSceAdRlW_yORap34rzF8_MoibRwupMKXPu3LRE2zji4EhH-MiOLjB4bSDJugyz8yQ1kgfJeuhQu8_B9HN3wcDOr9MsZrGhwWmW3i8tynVCjs3HKHiM-F4oqaFdpEwX_8mTYWIkH2UnxyQCq8y6buxVdtltziwV_Y0pxpCf2ga4PCWfUhosUDE9bJIM8lXPtuUDXCL0bUSc0OpSP1OJJ8pE7zT72NVSVWhX2xNTZQQ0vWYy1oILIkuLkiiwljcFnaLefJFnoj4J-c2AoMys3q4cLdD0llnHNPEbLE9Mne-217sOIrimHCbwaNA4eRHlGc0qJuprcqB4Wt7pJvfb38UuWGv-ul--Jkt9ohCINsffKhhBsaghwA0Lc26QCJQjqPo7yt6AHQyRinZKzrTV_VFQO6lpv1FZ4PAKV9EDfkXhtXCz_25HjviBlkQjj1qAzDu4jAeznSbUw9hCQdLe7z6fwc9wJzKrG3fDMKgXSFYT6mh_KAK3Z4aWPq6c41XbXBqsqRe52naeFA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9639 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=1938943004259031&bg=!IyClIGTNAAa4hXTbmIU7ACkAdvg8Woc6gQROpXQvwn_2cCmmMrwbi5lG0NmHbE_qWFYg_xmGhUtt9AIAAAC5UgAAAANoAQeZAtdSHbXkJUCMJl6jGy-OuyrTZYwYcNAJBdAeL_zB06C6tHxBk1Nhu0hXSYbAUQYvY8voXM7pM5gXMJABZpSwlE1dFJ4j3usAXvJGfVuq5QzaLtGGh7KMwygtAtEH_aajAiLRaftoV52cTLLBMb4RsdtLSwFbPxHRrqGpdfpK9czE12k2oMjr9pTWSX-1U-qfpfJpFh3ucdol0RhcJYSzxQBi4BlOTI8qEPOq2kl27yIIOGTKUDRvh35_Li5KYb22EOYYRsjRDFSy86Ygsfz9U449uvY66In2omgRavpkentgICS5WZgUczM_ZVjXon9O42uxUhFOXR6m5QnV-z9j7XqZEGXZadyGshG2Ctkh1mPtV-tUmcykhIRgQSB9E539bj5BD-kRq7VpmpvzrxYUuRR85xjtWuGvX6efg6_-qXJS_pu_c8ZBJ77agrthuD3p3F7wcs9SS-xu0T0isWdNhqj6akyMGFt2RQPdPYik3g4b7n_RflFiOJ3RbOJFGaph1ciaUg68d8MueyFc8OBdqCBA3TWFnsNw4GZPYstFl8MKy66FOwVCcgAJ41KreV1d1b8YIz0tWDVVbcpAE3Xcv6A2nj-paqfWQ_2OLE-srpo7tJzs2BzFi539F_VCuLExkfxl3CXGzZd5kkPgCHOUKIyDTUS2jV0KlK_jK3X3iQjbpk6RxfO8QnBZqu07xVYIFxKQeOeKnQzIdQygf0iNhPyTMp95vpkikW9VopSknCziIraexEg_U4XuGnryl4NIjZYrZdKktPD2nVwiD97WA7TIRvdLDc0i0eXPAaH77c5AldzPg320tnQ0U9M-2_1EK8v8yQ130VZmPnLQbruDSeUYYGE3B7UZ_CgWm9z8UF9CxuQM17lLLb_QlJQuIke1MNZenDJ3pIGueLl8JGknfy7B9yDvCLT4xBkf5wEI35EW42s8UA3jDZxAWvoEW1dsDGX5PC0FDb5-
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 98AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaqT57clfSsmNRDEChKUyb1U4wuj3l-2LYFUc4Qf1lQKNcg2J7gFu05zNZNREOpN9kqAGqDqN8_G79FFf-OD9TifvGMNlTSrBaVEc902fzdWeokuw2nimt6HdMfs45FFu2IvQrEhaX0G13&sai=AMfl-YSMao-WEa8qKhfOV4v7Hj4WmUnFpUnlRCeoNdpgqZyoOmqn5_orvpsLJTMSNVsbcw_E4uixGoUZeZyE4Xi2OjpvuS9o7WD5gj4&sig=Cg0ArKJSzNFISes0LK8EEAE&cid=CAASEuRorZCX8T_c1SruUtDM2-LKqQ&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2159672584&rs=2&la=0&cr=0&vs=4&r=v&rst=1660279441120&rpt=1902&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 369C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220809&jk=1101300467501551&bg=!7u2l7anNAAa4hXTbmIU7ACkAdvg8WiQq8YDarhYQCT159fGFPxFg7LJlSYxCwYCFbFr-Q-5klSWjFQIAAABQUgAAAARoAQeZAtUHARE8LYmWpDTn4TyMBPSFbsEzAjruG3ksh-0Y6bq0hscnknp5s-HWQ8FHk36Ne7tlseUr70sXuzNm5Sh0A8JuuvS9MoOvi_DOOD07_2UMibzau4UAYpfB1I5xHwf2c4hnX38-4Xsjlidl6T_Wnwm3QWs68-4nq3m8a6VcdozUGlaZSRaA0tmKa4IaXfnlftV_Qs6qsNRBPJNE6gENyCrNEQjyHjwGwohaiyBld5Fe2WYqAXLNQBR9gN6Fbf-mr-IoPzRRZIRyX6gUDVsh6pPaeO7YNFg-V_DRs8Pm6xwaybtWszKKMK7xCl4sgZPUMTk3seFQBovNJidrv6jKDjDqFrPGtxcLP1xCImKPir1RxkQwYlm1H0D3yr8TZ7IqHnwJ8cZskuGpRFQ0B0mQWQPI97tGtLvtgO53UrlvLC9Lugvx9pa5M43kw49a6onetd7GvC1lblQ84WI8T6D6d6-GMO4xaklVfI-UNzRJqI0TOc1ouEpPHm7mfKEH3VUHGAvtly7VIkIbbpwKyZVhlH-onOdeQvLgqRjTafLQ8yojaABlckMfZxt6Q6PUb-bCJG8K8chqLz3e4OjpP-lhyhxNz2LCLD21Gl8r3wSbA44dvq2hsAhcgpH_qRLfGo10l8JZQxosrbl0R5Iq8BeQpPQK7qJZ-p0h9t00gvbKDq6IPT0lPmAHXDVA2hkidxHvIjyoovS9h-PTrGw2I_AGnqji4bv5lIOQHejg6t3Q9pXq0NzuO1ijaXcRthn1N0n0LysF2yY3UXEP5G9swbwX3VGqpjQ8al24MPJ9F8UgB46iL0LIn8Aoi10LhQIC_qqx9LAQUHmzbn3A_BIOgVJwLLXVVKXCWfzQEVmNXTzLG95nSX6pc04QviFsDiymQNgEWbhKZeWNSxOwpaAyQeLr0X0_yX6L5fnfdSi1HDQ4fNzwxMIjwCzn3ieNFpaZ65RnOvaYGZ4jaQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame DD8C 		157 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10562741012611280829/index.html?e=69&leftOffset=0&topOffset=0&c=3AyXPlNykl&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 14:48:02 GMT
x-content-type-options
nosniff
age
50164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:08:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 14:48:02 GMT
dc_oe=ChMInoDf8r7A-QIVlID9Bx3t0AbVEAAYACC3vfdKQhMIuPDF8r7A-QIVjYKDBx0ahwjv;stragg=1;&timestamp=1660279446720;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 3AC6 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInoDf8r7A-QIVlID9Bx3t0AbVEAAYACC3vfdKQhMIuPDF8r7A-QIVjYKDBx0ahwjv;stragg=1;&timestamp=1660279446720;str=Show%20Slide%200;strtype=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:44:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/NXlhMMSkI0K.css?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/rtsyxo94AM8.css?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/iQocXHWDn35.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/dCGwBGltnR2.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/VImYLfLzq21.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/EghkBOpgO2g.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yl/l/en_GB/nK8la3HqiXy.js?_nc_x=Ij3Wp8lg5Kz
Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
Domain
adx.com.ru
URL
https://adx.com.ru/adspend-sync?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F8Qvfzrid7dtdBwbnPWMAiS%3Fsign%3D3082097917%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62f5da90c52f155dcba8ff6e

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports number| vdata1660279438885 function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hb_dmx_res object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| html2canvas function| _open function| adpartnerBranding object| banner1550_2200341753400048 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_126 object| Criteo object| Criteo_126 object| google_reactive_ads_global_state object| ap_br_img number| k object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

131 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 697b573e3a4444e5bed84c52be179dbd
.zdorovia.com.ua/ Name: ngTrackID
Value: 199522277bd53c1e5fbf0b298911a63f
.zdorovia.com.ua/ Name: PHPSESSID
Value: ju23raf1ksi3ucs8j0dbjn1ui3
zdorovia.com.ua/ Name: b
Value: b
zdorovia.com.ua/ Name:
Value: store.test
.youtube.com/ Name: YSC
Value: _8kXXdx07sU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QJn-lWkBjL4
.zdorovia.com.ua/ Name: __utma
Value: 148597372.2117477704.1660279439.1660279439.1660279439.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1660279439.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1660279439
.admixer.net/ Name: am-uid
Value: 697b573e3a4444e5bed84c52be179dbd
zdorovia.com.ua/ Name: session_id
Value: 2bae461f-e33d-4c87-af26-e960099a20a7
zdorovia.com.ua/ Name: site_visited
Value: 1660365839.1
.ads.go2net.com.ua/ Name: am-uid
Value: 697b573e3a4444e5bed84c52be179dbd
.yadro.ru/ Name: FTID
Value: 1YzTgF0B4VuN1YzTgF0031pQ
a4p.adpartner.pro/ Name: apuid
Value: 5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
.yadro.ru/ Name: VID
Value: 1e4F7M2xOvON1YzTgF0031qU
a4p.adpartner.pro/ Name: apudmg
Value: 1
.creativecdn.com/ Name: u
Value: 7jvVR239v8VMdcaKshdX
.creativecdn.com/ Name: ts
Value: 1660279439
zdorovia.com.ua/ Name: lapuid
Value: 5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ADad1O/rWZo0of0V
.csync.loopme.me/ Name: viewer_token
Value: 1434df1c-a4ef-46d8-bfd8-c394c675fbb7
.openx.net/ Name: i
Value: 6205cd52-c5e7-41a5-bd9a-84bf314e911b|1660279439
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-77e37cea-4dc1-4ace-a815-bcc6f48c205c-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.adnxs.com/ Name: uuid2
Value: 7799509249833577706
.zeotap.com/ Name: zc
Value: edca303e-4dde-4b05-527e-8debcc82f85f
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBJDa9WICEDydaP-hw9zMGxC3JuIe-MsFEgEBAQEs92L_YgAAAAAA_eMAAA&S=AQAAAj4fI0IVkmGH5bxvPZbh-6g
.360yield.com/ Name: tuuid
Value: 515fe546-fda1-4cda-b8f5-a653c7415c4c
.360yield.com/ Name: tuuid_lu
Value: 1660279440
.bidswitch.net/ Name: tuuid
Value: 4e746a59-ecec-4d7d-8e77-93fe461a88b0
.bidswitch.net/ Name: c
Value: 1660279440
.bidswitch.net/ Name: tuuid_lu
Value: 1660279440
pa.tns-ua.com/ Name: uid
Value: Z7AECC9DE27F4B09B25CCA3E3826E864
.adform.net/ Name: uid
Value: 2507871231717652556
.disqus.com/ Name: zeta-ssp-user-id
Value: 8c1f3c42-96cb-2277-b418-ec7d8d78108f
.adx.opera.com/ Name: UID
Value: 1715d4bded564596b717dde3383869ed
.casalemedia.com/ Name: CMST
Value: YvXakGL12pAA
.casalemedia.com/ Name: CMPS
Value: 1115
.tapad.com/ Name: TapAd_TS
Value: 1660279440247
.tapad.com/ Name: TapAd_DID
Value: df84487a-2355-4213-b201-793328432e5b
.tidaltv.com/ Name: tidal_ttid
Value: 60336be5-dff1-4d63-a34e-5713ee366bca
.adtelligent.com/ Name: vmuid
Value: f5510b651dfb71a4
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 2c22421b-987f-52e0-9bc8-746df93daefd
.dpm.demdex.net/ Name: dpm
Value: 77178267387971667252146531016147296694
.demdex.net/ Name: demdex
Value: 77178267387971667252146531016147296694
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjIwtzK0MAIA+DnxmQkAAAA="
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lemmatechnologies.com/ Name: uid
Value: 623331ea-19f9-11ed-921f-801844df0ab8
.betweendigital.com/ Name: ut
Value: YvXakAAGLgh_VFFJ1jQsEuj6pD3TPzAZGzonQA==
.casalemedia.com/ Name: CMID
Value: YvXakKiDGI75kSTold2WjQAA
.casalemedia.com/ Name: CMPRO
Value: 1144
.exchange.buzzoola.com/ Name: uuid
Value: c49258a6-dfce-4c6a-6b54-e5cd243ddffb
.adfarm1.adition.com/ Name: UserID1
Value: 7130845897030039694
.weborama.fr/ Name: AFFICHE_W
Value: mvszxZdVw@Ga24
.theadex.com/ Name: tis_jAL
Value: jALeAvgy
.theadex.com/ Name: axd
Value: 4302460444888065233
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.console.adtarget.com.tr/ Name: vmuid
Value: 9688f602e7544b82
.agkn.com/ Name: ab
Value: 0001%3AKjyQ10%2FEPR778BCqy7c1xNsuEAvi%2BB5A
.krxd.net/ Name: _kuid_
Value: PA1UJr8c
.richaudience.com/ Name: avcid-zeo-uid
Value: edca303e-4dde-4b05-527e-8debcc82f85f
.doubleclick.net/ Name: IDE
Value: AHWqTUmaBCwf9DV6rUKdNCOaQoAVtqe4icNAhVVJ0aS3pzWc-wMm25bSggGN1dPcciw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvXakAAFzmZxkQBC
.adtelligent.com/ Name: a319130
Value: 1434df1c-a4ef-46d8-bfd8-c394c675fbb7
.adtelligent.com/ Name: a307558
Value: 5f9e8eb9-028a-4a7b-b2b7-6430ea96982b
.adtelligent.com/ Name: a309255
Value: 88777dc4-d5ff-4dbb-8cc0-8c42d432606b
.adtelligent.com/ Name: a307971
Value: ADad1O/rWZo0of0V
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZgZG5pYmJgYWgKAFomhi8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIic3MLY0sTCwsTIT5DXQ_dlLSS1LDcIuccSwAzqOC1JQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MgIic3MLY0sTCwsTIT5DXQ_dlLSS1LDcIuccSwAzqOC1JQAAAA
.adtelligent.com/ Name: a318342
Value: 9688f602e7544b82
.zeotap.com/ Name: zsc
Value: %08%96zen%EA%F3%07%F5%DB%F3%A7%8F-%AF%B0%85%0D%14%06%E1%2C%01%DC%1B%A9%ED5%02%26I%83%8A%E6%BB%25%09%8F%A3%A7%CC3n%84w%E2%87%FE%3DL%13%EE%7C%C1%DE%27%C8R0%9F%97I%86%F8%26%A2%7Dgo%D73~1%F6%E5%AF%9E%90%EC%EB%82%EA%9F%B0%C0%866%AD%BD1%84I%A0%2C%C2%B1%90%06E3%C1%84%00%84%1A%93%AD%89%82K%D3%1F%24F%B2e%03%5D%C1%E4%10%A6%8A%CB%EF.%BB%FF%8C%FA%F0%7F%8A%AB%2F7%14x%7B%01%0Ad%980%AC%BA%A9%D3%AE%DC%D2%F8%D7%A7%C7%7D%F1%DD%05l%C9A%A0%FF%9C%3E%87g
.casalemedia.com/ Name: CMRUM3
Value: 5862f5da9005a0&c462f5da9005a0&4162f5da9005a00&bc62f5da9005a00&e662f5da902760&3362f5da9005a0&3962f5da9027605124322322778394884&5162f5da9005a0&8262f5da90a8c0&0462f5da9005a0&0b62f5da9005a0&b062f5da9005a00&f162f5da9005a0&2d62f5da9005a0CAESEJxuiRNho_GtfQoPfHXO-r8&2762f5da900b40&4062f5da9005a0&0362f5da9005a0&1862f5da9005a0&ce62f5da9005a0&5a62f5da9005a0&2e62f5da9005a0&4962f5da9005a0
.adtelligent.com/ Name: a289656
Value: 515fe546-fda1-4cda-b8f5-a653c7415c4c
.adtelligent.com/ Name: p440467
Value: 697b573e3a4444e5bed84c52be179dbd
rtb.com.ru/ Name: as-user
Value: 62f5da90c52f155dcba8ff6e
.adtelligent.com/ Name: a297253
Value: 7799509249833577706
.adtelligent.com/ Name: a584890
Value: 7799509249833577706
pool.admedo.com/ Name: tuuid
Value: ff401483-6f8c-4fd5-9988-fe2aa262eaa1
pool.admedo.com/ Name: c
Value: 1660279441
pool.admedo.com/ Name: tuuid_lu
Value: 1660279441
.fwmrm.net/ Name: _uid
Value: "e309a_7130845901316255832"
.console.adtarget.com.tr/ Name: a307457
Value: 2507871231717652556
zdorovia.com.ua/ Name: session_pageview
Value: 1660279441.3
.turn.com/ Name: uid
Value: 4014191389595819986
.zdorovia.com.ua/ Name: __gads
Value: ID=56b04c1d66de8442-22c661b5edcd0070:T=1660279441:RT=1660279441:S=ALNI_Mbux0d5AsJm8Qlx2kGI7THM16Hvlg
.simpli.fi/ Name: suid
Value: 6E02C08CB82549C5B62BA13446FB70C9
.quantserve.com/ Name: mc
Value: 62f5da91-64bd3-3e0a6-268a2
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2C')j`pI=!]tc#8i_jCf!vUN2Q:5d=GoI0J8u9`9pca95/0a?^vWf05.lMz4v01Q<jMKuu'ngl$rQs6Re4r:[f-zyRnu7%8%<([kg%xd-h@%NVLCw3TuSKU!UgFZ.dm+w.wL4W1Qw2]J@kRC
.mathtag.com/ Name: uuid
Value: 7f2862f5-da91-4100-85d5-55d68aef2b2f
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~26jg:18yl~26jg"
.quantserve.com/ Name: d
Value: EFABEAHrJoEK_fsQ
.admixer.co.kr/ Name: __auid
Value: 4973a64e904e50c9758ed25cdcafa0e3
.admixer.co.kr/ Name: __puid_103
Value: 697b573e3a4444e5bed84c52be179dbd
.admixer.co.kr/ Name: __id_utm
Value: 20220812
.admixer.co.kr/ Name: __id_inf_103
Value: 0_697b573e3a4444e5bed84c52be179dbd
.audrte.com/ Name: arcki2_TTT
Value: 1660279442324!3i36soJlC-gQ-qk8155oIRZQg!H4sIAAAAAAAAACWWyXEEIQxFg+FMFUhiUTiIJf8Q/Ho8F3umaZC+/sLbeu+8L0utNZs2yXPtlZvP7rY1avVU+hU9a+cj17O+WNmlrhyu+zQ98mqkGkVes53FVmS79WS/r2Q7/Wndr8XzVJ9Jk9Mza1a26J6nLMnRw+XOboPjolOMn5r79pat+8ur1clxd4/Die/V5MtWH6VnKTKyjnaz17nyerO1cN6UlmT7e4VF40bL2urNqwY71eU9Wnl7z6TvPh1v59Ifi/x59r5uPl5vs14mpaQ194nZZr4FHCi85Zj9d3qblbKL9tQn2LxiebQxwYnC3OJxnPQ3Z9hhJ7ltT9+S96V7i8tOdUbmnJj0duO15PfXX9DOt9NsntfmTN+9jlvtFnup7/5unzdbcRAVa+D0LNuTVnctJZalrhplz5JHcR75jRyNM+ceReOM7WemG6czdWGsHGLH+U8Bs8pezM1iX0lDGOcpTOz2b6fFgLWNzFl0ZHN9iF9WjqMrl6MjWy1QpZSSp72jHm2uc9K6MGXwfPPJKlaYHTsFXXnRx6en67XALMtrKceNRc2VlavUdeKOMqenDqZLpud7v+42pFrRDERL2F293XfT2iNGX+wkQnfGlCN25Kc6uo59oTU4UUE7I1c9J6uNgxAezFw7trZ1S5R0WyyFZpnmOO5ejjv75WK80BCPykvj+BOn8KGHRSU6NdHCrcwKoKHkSe/u7Ts4qQOWCWeigJmLur1er9Q5Uy2yuyLO42hAV2zGRvWNbainb1id3m6yuim/HoFPtBi7lXwdCNo8YixqE2XWCTCq8OlMBSKqQ7Kn80qBJWl8DwcO4EvRrYEYQsIL+vFtEwt4L51pdqegtvgGvKHKRBgw09Y4r7dyPd13/FdzOGOlCmFsvvOaT6cXiWElmfU557mUQ7kqg9niJfnAJx8x/SmI19detQdBEJJd7TlAC9d4KmjHS5fkzca9++Sri0XnIwAukNssUvYZq46Wdo+5ZCiGAunsCH2OgDnv2DWUW2wm0Xn1qGTpEbCgMrvFqM9ZZ4wlp66d1LS3h6vsLb+dmJ0GMvQuE+Fidy89rw5RNfefWgA5e/OVZdhE4zP4JIQcVZvCTJhnHxjeOrNb+/rrfdTd03l6ILLkumRlLRgr3uAws3ofHvYMpxvt+aJx/bnvAqelLGpdhtTOxDZjQeM4jOf9PbLPzHFfwNzBTqt3zCpJQ1vSP2Z2ajKmOA+eFr30GSKIRrFDUkLk5e7zs0O6W6tgVx2LWGafmaXGUHDsSs/lfN1BAF6HFMd5fyKZkcptA+JYfj44btgHhtKd8+czTl034RbHXCP3uAyw6aZ7tI6Xr68ujzoSKYaq0ZDw6n+2rO4X2KrMgYei9USk9YI/opY1wQkcIEXN7Sn6G7UVWclghDZq6gZLNJjt5Ht+G52Jk0WXAds+Z75DTaOTLYx69YKtN4p9R3y/mY6d2StqYWFlEZ46DT6gX/UW882HEOQRtqXm8T7DkB+fKqF2404TvBWLtknsnQbYG9exOghF6IMTkSxjVzwOO+zjItua95h0RxRi9mQouXobePtH3z3XNTIyf8BluApVmHzuU2SrC1moqbynJPdldp+CBwHjCwvWEtvCrWuMdMIrAuMkdE1NIAoddv40cIOsiEqU4S4Fi/hswr4bRoUqxGsUnwLtauAF+10lSYPZQX/Uwlgc7AOgSHWFeMSGyyqHoI/2uYZqRS3kmXOEdNztSUmFfHZYS/K++vmT5VneysifDNmOkoj8pqQK7bS1Ff/h+ZL+YXvOrqi89ZqOk0QNf1uQGQgqARRgT6245OtGeKbB3QFPQ7Jv/mZXM+NAMjLrPUXLQVKbKxZusHNFr0C4f3z4BuB79Fbd6uTywD5BGHTZ362HG8J8jlp2J/Abp5Ety9EytgTibGdSeP4+2K+RHlW3ISngP7g9LCLUYEGQfDSSiXpC7pLTPlK0gIhGhjfc1ZqUzw7xcV9k5lLFahOD2vzA5UE+5h2sZR2cqFA9Ud3iGBeaBSNwqu+aAlWYOmPDGAXZczF4eoclLkjtBbcB0hnr8Y+ZAxa8szd+vOpj0eEqp1wHuD+hK0rgQjP1K7y8UiHyFvsD0hD+i7EKAAA=
.audrte.com/ Name: arcki2_ddp
Value: CAESEI-6XlN7DtuiMh33d456ojE!20210804!1660279442385
.audrte.com/ Name: arcki2_adform
Value: 2507871231717652556!20210804!1660279442465
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.audrte.com/ Name: arcki2
Value: 3i36soJlC-gQ-qk8155oIRZQg!20210804!1660279442645
.innovid.com/ Name: uuid
Value: 981d718b-fa25-4d7d-981b-c710b6ac8976-20220812 00:44:02
.spotxchange.com/ Name: audience
Value: 63a7dc82-19f9-11ed-929e-1a7cb9e30206
.agkn.com/ Name: u
Value: C|0CEAAAAAAKoiXEgAAAAAAAQ13AQCAAQpAAAAAAA
.adtriba.com/ Name: atbgdid
Value: 3d68574a-42f0-40d4-a6b2-ddda750742f4
.eyeota.net/ Name: mako_uid
Value: 182905dcd78-69b00000010f5d84
.addthis.com/ Name: na_id
Value: 2022081204440200015715585245
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62f5da92b1d3ca76
.addthis.com/ Name: ouid
Value: 62f5da920001854aaf4f205d554c72b1c038af6fa23ca3c96611
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220812
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.casalemedia.com/ Name: CMTS
Value: 5154
.eyeota.net/ Name: SERVERID
Value: 23940~DM
prodmp.ru/ Name: rai
Value: 49a286177d3daddc739a5f1d8b2ffb68
prodmp.ru/ Name: rai_new
Value: ddfdadbeea1e101fb07aaf381b9f7e80
.yandex.ru/ Name: yuidss
Value: 1797125811660279445
.yandex.ru/ Name: yandexuid
Value: 1797125811660279445
.aidata.io/ Name: __upin
Value: 13kGQDZPUtPmPoO9MpOINg
.aidata.io/ Name: __upints
Value: 1660279446
x01.aidata.io/ Name: adsp
Value: 1
.dmg.digitaltarget.ru/ Name: viuserid
Value: xdJIy4hyleQbuTc7nR9s

17 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://tags.bluekai.com/site/87734?id=edca303e-4dde-4b05-527e-8debcc82f85f&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=edca303e-4dde-4b05-527e-8debcc82f85f&reqId=b3f79964-3c7d-46c2-5d00-57b84929d822&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=611fdb6b-a91a-48af-6502-9a54b9594514&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=611fdb6b-a91a-48af-6502-9a54b9594514&reqId=46bcbb39-347e-450d-593d-646b82e33105&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4A90FnsA1lBiYmOqsf1TJmlw-T4A-vJhsGEgCZPpShV3IZCC6Qxmw_oL28mt4hsH6FbSQDNPQjtUohxsjgk6rWOyhCP7VkF-Q&google_gid=CAESECZewzW-kdFjHmkGejJqJvc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AdI8pxsfMoru93tDVmr5LSFSM0IkHWh1CXaPBFv_YodOTjSv3_J9X8p8YpCNQ7Nfmp7A6B6hw8fykJTU8zJBw-XvsMK3w&google_gid=CAESECZewzW-kdFjHmkGejJqJvc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://adx.com.ru/adspend-sync?uid=62f5da90c52f155dcba8ff6e&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F8Qvfzrid7dtdBwbnPWMAiS%3Fsign%3D3082097917%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62f5da90c52f155dcba8ff6e
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
adx.adform.net
adx.com.ru
ag.innovid.com
ajax.googleapis.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
c.bigmir.net
casale-match.dotomi.com
cdn.admixer.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.adtriba.com
d.agkn.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
r.casalemedia.com
r.i.ua
rtb.adentifi.com
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
scontent.xx.fbcdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
adx.com.ru
static.xx.fbcdn.net
103.229.206.241
104.18.18.126
104.18.19.126
104.18.2.81
104.18.3.81
13.225.78.47
141.226.228.48
142.250.184.194
142.250.184.226
142.250.186.162
144.76.119.17
146.0.227.107
146.0.227.109
151.1.205.165
151.101.130.49
162.19.80.92
168.119.79.223
169.197.150.7
169.50.137.184
172.217.18.98
178.250.0.165
18.185.190.16
18.193.145.56
18.195.201.66
183.110.238.136
185.15.245.83
185.184.8.90
185.64.190.78
185.64.190.79
185.89.210.122
185.89.210.82
185.94.180.126
188.42.191.196
193.0.160.128
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
199.115.119.227
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.19.147.45
23.205.235.133
23.22.215.174
23.35.236.201
23.47.209.72
23.7.201.234
23.75.240.210
2600:1f18:6593:f602:4d5e:ab92:54cb:6c57
2606:4700:10::ac43:db6
2606:4700::6813:ac6c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:808::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c06::9a
2a02:2638::3
2a02:6ea0:c700::19
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:200::300
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d018:d29:3605:7c9:2a47:8cb6:50cb
2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.125.70.222
3.126.56.137
3.229.243.180
3.33.220.150
3.65.159.25
34.111.131.239
34.200.207.25
34.247.103.17
34.252.199.249
34.95.81.168
34.98.64.218
35.186.253.211
35.210.53.219
35.227.248.159
35.244.174.68
37.157.4.23
37.157.4.28
37.157.6.246
44.196.141.245
46.249.52.249
49.12.13.182
5.178.65.246
5.178.65.253
50.31.142.255
51.158.28.82
51.83.220.94
51.89.9.254
52.17.63.11
52.208.103.128
52.209.232.242
52.211.246.129
52.46.143.56
52.95.125.22
54.155.95.209
54.78.254.47
62.149.0.72
66.155.71.150
67.202.105.31
69.173.144.138
69.173.144.139
72.251.249.14
77.123.132.26
8.2.108.194
8.2.110.206
82.145.213.8
83.222.114.186
85.114.159.118
88.212.202.52
91.210.190.92
92.123.37.164
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba7e4af560c71d954998f6ca1ddc0e8adff8e443eaf5ce88fbe8bef84ac08b
03c7a73eb49d20a873dd15cf622bcc9ccab0355cd68dbde468734a89b1852f54
058182777a17818af3eeebc80eba780debf5e420d619b66adbbd2e84cd760f95
06d06cc73e18eb26f24f33bd6c66f4901a08ff7c12c119338f20d24a40fcd872
081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
0f551bf4c3ae48fba2a996ea6488bdc0135d72f74b096f441e982bb0cf3729af
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
1601f711c49f3e600c1c5d1d6789971a7b97d1f669184ae297f752fb328fdd9b
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
16a6759adcd6e69cfcc15f23b440bb6e058b234a123a890c951aede390b5577e
16c86ea6fb040faa1f7f98ac001f5efdd4407cc8568f8b4fc6ed88dbadb8a54a
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18da79f767f5a603e9b235ec78993380e8c00aaf1ec855049e8a79107e3013c6
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1ea07232a647fbecd84a909c84a191bad02240c049f64109face6d822674fa75
1efb14d89d5411e02729fd72359b8f5b0502c42590cede7e2fc2496ebf3c430a
2322498b4c15c8fa2583255ee24318ed39a56af26c9e0e6a0c3675da1e81809d
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
24481621c8f6db79f5adc401cca02af739a0a6a86ad173cf8e523194381788a2
24d8a174b47136800c41d7b2ce4debb7b88f6edc64a09077cfbad45981098add
24f8dcd7d7325228f8445b12572d027d0c54057c2a518030b4c83626141cef21
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4
26e62a17399b1a9ab21e130b14fdb4b4756d9cc3bcb93943cc791b6696280d5a
270eaafe105c00067ea41fdb126bb391b1d3c647a9dc2866be1a0ca539d6733f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28796af60e3612ee1dc8f6f63d0f44693bffb6fd2c972016fba177ef3bea9c3f
28f1cdf23027365c31ff2f5614d1945c50c04434dd7e05f8bcbe8c25a5eebd06
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2abb534d22e24dae520b3bd3d1b39be706c890c380a876dfbc876dcfeb90bdd4
2bae72bcba59479508acbda8ac1ad7e4b7271d6df493240eeafeb409ec6d1ad7
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b
2da6dd1089512f5aa80c47d1d6dec46acf619fffac740bc706e6871221869419
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0c2ede5200dec66bd90df0038c33125eb91b3096b1e068e4e10b888a72a1ac
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
3221bcff01fb4818dcde2e92e8473dad0cec69c3d4d2232d52c68a63025bc282
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3329f8d11b17f51fe1754c846d84be4eb890082f19b7e06564ef973d7ca1a58c
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
365e3d40b517a90f8fef5831636b636d94407dd42d3c51a2fe64cf41973e03f4
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
394d5d616b042d29e9a9f5b1bc9ef746b0d60cda23c7267dee55bf72fc46035b
3a340bead37e56428d5f67ca4b0f16982fb7cf4849c67698815ddcf7bc1211af
3bfcb29e3cc59e038dca6e1a4a2bf37f5c24edf62be8ead0fd4b651955544d15
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44211de63994498280bd3dbbe05c6ee308ccf1463f0ead91201f84d03bd1cf66
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
4864ee97c73bb521d2bb90c04e3c8319be47f1ee64fa2a0aa0f4c08799b785cf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b59790bffc099e93409fb1f064ec7d2e7939610436f4413ff7388e11a6ddf6e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7f8d6b9dfbc90f92b5f2033728a5ffe2ad3c6a0ee42b7cd1af37de8f2f3c56
4cb0068e1737cf2dbd6ec5366d14b22eabd7c0e8a607681753b5aec7a1b46882
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50960b805a43cf5d098994ee13cdfdcddb3631a55175201006488e780636de5c
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
547e0b6a33dd02dbdee7f98804ea3434b1714beab2b32fc6c08b021e3159de1d
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ac7cb4fd40188f02743361007ee943e7749fa58ae458133736be4e93f5f241
56bc77edd072e72249cc648dae6511b6636c6b7051f0b59c05311c7c9e94a5ed
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
58a00255468ee9be049e81e621215e29e50469887132b43830ca9b316e6f21b8
58b6892215d902e6d62c64ae69a83f3e75692443a179652b38527f509abf6086
593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62e471195c960098b118dcec1b56e57c3fff8e2a3941eb53d1bcb206992daf87
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
66e8dffe59e66c25e3d1f2df4b151b835f821e6b35fe0dd567d788f2db4fd84d
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b
6c99335c99f774015d0426f4be281b926ff44a9bc89560d4be5b5bc1e3888ce5
6cb706286d335d6c1c71f0dfa2da12a28563585c6184d68b0294a8f976222b85
6d169fb4ccb87851ddbc032b7df13ac2aa7976be4d774ac93a11a09a1df1b2b0
6fc96e97ed993346d7433d2f01911aa85c9fa541d5a5145d435208218103d207
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
71a0a0422eb36f7ca59227ed65f322ee44aa471e60aab81b354e92d1ea13c4ee
721f53266e5db5f999da58d4d77a0171169b23d3566c4d0a128996e86402a5d6
72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
78020b8b9caf1fcf75e1a48241481104b27310fa4121790a134f95f03b5b046c
78cf3d28b5bc71f6bd5fd0bb5f918665edbabec61f11bbe46c64b47ffadb56b8
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
7a84ab5cedca390158f4c968bb39557fbf2341a9376970d754f101b59ca117dd
7aaf5eaabdcf648af4b408b192e3fb2fb5152a635a7dddb1c7241147cadaf304
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7
7d102e486d52dfb71540ecaebf48ae846974d8f8edb1ab30dd661df7931ba159
7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81683dd6e9edf61c6606f28fb7b7261b7b88ea30e286d0a132f63c5ff42a2678
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
86d232af9d0d652f0b20b2ffdc7c9883350500b20300c05e2f6eaf3a5fcf85b6
87379e9e46b3175db0905c6d5ffa9e5d705f48a3c1081605a267f709570578f4
87e7831816831bbf4b0a4ac5d2058d08cd5d50f61107753845bcc5ae302a92b8
87ea26ae2a0ed0569fe5fdddcf5d5e051eda8d66761f58d8356acd885c93732c
891a49223ff61fd79b6ba9fecaaa47aee1010a2f6641f852809ecf1396c4f3b9
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a6b6aff4bba252a270317ba862f916d38766de33f6b982a58b79ef06fa48ef6
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8d425663640d76f95c1ac14032c5aeaa49f1fafed8fd9fce3b81fc65b10f8ce1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f1cfed0d002b508c4a0471500123548969186e776400b4a83ee905e6dda1005
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
9037591d13ec1cfbdb0a462d3ee4f91ddd3d99668d4cbb430355910457a6cf1f
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
946b9cc8ac7550a7ffe8d1e7b55ac8a8781f8f27e90236927ecc4de6fc668748
951ddd5d4b2422cbf8e42b83aaf29de8dffef686ad363dcf81d582e3fcba6e80
954557dd5c5519ab1fc213c8bb174ca27b75396c072a142fe06770b828f299b5
9658c8334f9fb0a11a098d0cf8e8f1d2a324a5dbe950cdd6eb5f5b267cea8905
96b1d4d66e314f4166ab9ce3ca43596a1e8231875a128c0959210b001b0637af
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abc73488a88b4f7477f12b8d41eba35669364704b55e5ff2d71533d330d47b0
9abeb4ba8370abad2b98735433d8e4dee9e197d65efe69524d9c86189e3d1c88
9aca92d7fb026f85e32cb617ec9e27d4fe695b2faf61f7f35232f849bbe6bc80
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9d63c21b199a414fea406678bff2a06c5e754b4f7a999b94399cd9d3e4336bcf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffbc795fbfe6190d6dcaeca72aa7c7c7c930425662d58d4adbbd337f3090680
a05f9c7b921d383e70f376162c6c89244d750c871eb042acf694c177ed1c666b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a198693aa43d0892ffd3e66179f8107f44e3f4b3d10f1bec4eff7eca2d6abd59
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a35f3a8ace7962a26b325e9e5c038100d8ec5b58395b0b6a4d4e7f5e0a411ec9
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a5c29adabc941d932e1917fc17d44ce7dd3f125a68fcd194042f6478d73ebb04
a5d45c532560cf4f92f5c08ff431a07683167ff8e62b50408f79fff5b34bcc7c
a6a3a85c0741871af4321668b2da710f89abc6ca0e9165e1b6c7439444c203d8
a87b440ba85911d7d2915e2aa93b00ecadfd8eef7d5494c6c83af7aedba48c05
a99c19bad36e3f00e24eeb39de21c28240dd78cf1bc62f9f5512bb6f8648a7b5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf93cbb8374d6da6f1638ddcaaeb935d9195bad22b232c54b468eb81d40a9b4
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
af01712aa7ba5b2cad5c3adadba195f4a575d042673f73636e3dc8ee3798c858
b0f716b982e5c0b37fd0cb042794a1c1d52330df7e4c7c7f8ff3eaef71b9ae4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b4e5d0bbbc53852c9fc90c30dff92386f756581d9b48dbbd11966098da6b63c6
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4
ba4902e59d784ddfe29c2564bafa8ab1c7a6446d4adb6d92f4bb7a8ef3366635
be7355eb9a5bec9879df598300abcf220ac951bfd5a62f26c7f3c5ee849887fc
bea4f71fbc2f72a8d092478d4b70c54348f5259c71b409ed23edb0bf4ffd1462
c005f271c9e93c4dc1288b196c12f6e037e6ddae04e421a2053dc5ae30597646
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3318255a3de92e1749d9e294768216423bd13efe6ace877f90482a1cd7c137f
c5333fb18669e69b3056fe918ec182fe7e82faa128e104d2231f33cb64d37ab7
c64b45ae7318ceff7f8b2612651fbc1ad772a33baf4a83a1ab14eb704d50a58c
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924
d00195600440f2b310c1761d6c41af906070e402bec01f430f4c558ba424da5f
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d664f280bef7dac567cc31841c4d3f9e9642fe6b0cd3e65f2fe08760532acee1
d67f80416350b30b9f1d9412eee88b02f069c31d778c0861f0721f7c28f5a3f2
d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dac08bda89a9c0dba0b73a6e0dd4868de08600c8956f2e89beaa51fe8045aef8
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9cba424ea1205b288794c3c02af5acf41f97daaf3171bd653401bbcedbc07f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4501d959d3638f5749d6687283f31f7fc48d9e37770520cd0f275b632eeb5b4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e747c2a5c6c3dab1862b2d02a764e6e9447bc7ba3ab2e270c8032c10dbeaffe4
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e76d2c65d057cfe0ffe5494fd398d46eee545b7e70fb06010f0adaf64176507d
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
e9215499e277596ed1b47a2a25a63eaf612691ae1879b7d4dee8dabcda88a697
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec14f131fcff30ac56fe806683440afef4a577c2bb096f74aefc14c42912b652
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7fadf3dab689a8e4be94a7f5f85c86b77b3b90f5388f3f4e5cfc591bab2c49
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef41ea915012b489db33d3f99dec488378dfb9780bda6f0ae9cbb4ecad9afa5e
ef78b0de63fc33d07fc75e41360c194aa1afd68c7540fecee6218f1d52037a96
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f1fd3ef73029fbe138f1368b5ac1622fb89e8f88d1c212d451f6c421553e4b31
f2317be12e42eadd16e06351f8ee84c25a82c8b1811df6159fd499d8133ef81a
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a
f5f8bba3cb4e310070a9519a6d5ee76d9b4845a17d7c82a87ee66fe1b5504816
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fbcd31b37edb768ea8b1b6123cc714827d1e26f731e5796f0058689323ed861e
fc57f8555b4c236f78e334bcacfd870469dca6ea51e9254638c4c38c9da424ed
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ffbaf894ea765be1b967e83fcf8669ade7f4f8282185562276aa7902379e7e99