www.zdrave.bg Open in urlscan Pro
78.90.206.186  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

• http://relay-bg.ads.httpool.com/ HTTP 303
• http://tas-bg.toboads.com/js/adi-ec561a14.js

Request Chain 51

• http://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 HTTP 301
• https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255

Request Chain 80

• http://gabg.hit.gemius.pl/fpdata.js?href=www.zdrave.bg HTTP 301
• https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg

Request Chain 81

• http://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 HTTP 302
• https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8

Request Chain 82

• http://ib.adnxs.com/seg?add=9942225 HTTP 307
• https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9942225 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225

Request Chain 83

• http://pixel.sitescout.com/iap/1dedaf03ba2c1838 HTTP 302
• https://pixel.sitescout.com/iap/1dedaf03ba2c1838

Request Chain 84

• http://ib.adnxs.com/seg?add=9922745 HTTP 307
• https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9922745 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745

Request Chain 99

• http://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 115

• https://vertbaudet.commander1.com/v3/?tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo HTTP 302
• https://vertbaudet.commander1.com/v3/?firsttime=1&tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo

Request Chain 130

• https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.zdrave.bg%2F&ancestorOrigins=http%3A%2F%2Fwww.zdrave.bg&random=2256187986754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.zdrave.bg%2F&ancestorOrigins=http%3A%2F%2Fwww.zdrave.bg&random=2256187986754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 132

• http://gabg.hit.gemius.pl/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=AoRlFOPjWhX5SBPsFqCoc43AN.BTSu_XiWujrvekNiT.i7&vis=1&fpcap= HTTP 301
• https://gabg.hit.gemius.pl/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=AoRlFOPjWhX5SBPsFqCoc43AN.BTSu_XiWujrvekNiT.i7&vis=1&fpcap= HTTP 301
• https://gabg.hit.gemius.pl/__/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=AoRlFOPjWhX5SBPsFqCoc43AN.BTSu_XiWujrvekNiT.i7&vis=1&fpcap=

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.zdrave.bg/	34 KB 10 KB	397ms 273ms	Document text/html	78.90.206.186 A1
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e7778e28d5291f08df66b364acaf564d12982c12ac050cfb3f7c31a59a46a6f8 Request headers Host www.zdrave.bg Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Server nginx Date Sat, 04 Sep 2021 04:17:11 GMT Content-Type text/html Content-Length 9500 Connection keep-alive Keep-Alive timeout=5 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4; path=/ Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	swfobject.js Show response www.zdrave.bg/js/	7 KB 3 KB	53ms 53ms	Script application/x-javascript	78.90.206.186 A1
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/swfobject.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:11 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-1ae0" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	jquery.js Show response www.zdrave.bg/js/	95 KB 33 KB	109ms 90ms	Script application/x-javascript	78.90.206.186 A1
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/jquery.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 28cd1264bd1c0efccf4e7e030e8fc0dac7f2176f8d88ba60c8714ea738a8f550 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:11 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-17d59" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	zdrave.js Show response www.zdrave.bg/js/	14 KB 5 KB	109ms 91ms	Script application/x-javascript	78.90.206.186 A1
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/js/zdrave.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash be6fd99e19aac74aa0fd01a271bae13e65496afad769c0df1e5648bd9a2cd950 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:11 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:16:07 GMT Server nginx ETag W/"51fb78d7-39e0" Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	70 KB 24 KB	22ms 14ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f2f64ff6932d3e275ba1a102c41cb7eb483c237a6bf96f15ed4bff7107384bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "977 / 802 of 1000 / last-modified: 1630707028" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24940 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H2	200	sportal.gdpr.js Show response gdpr.sportal.bg/	19 KB 8 KB	312ms 61ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/sportal.gdpr.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 782a77ad65b778b8745670755fa9b2bc96e05c865936460082e3e493ddfd72f9 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip last-modified Wed, 05 Jun 2019 12:19:53 GMT server nginx etag W/"5cf7b369-4a2e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H/1.1	200 OK	zdrave_styles.css www.zdrave.bg/css/	39 KB 9 KB	105ms 88ms	Stylesheet text/css	78.90.206.186 A1
General Check archive.org Show headers Download Go to Full URL http://www.zdrave.bg/css/zdrave_styles.css Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 76fd4dd5c74aea6b02fc8ee6090b0bc6a59eda5f9d6ff38b02ed1eda91a99a48 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:11 GMT Content-Encoding gzip Last-Modified Fri, 02 Aug 2013 09:14:56 GMT Server nginx ETag W/"51fb7890-9b37" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5
GET H/1.1	200 OK	zdrave_search_submit.gif www.zdrave.bg/images/	1 KB 2 KB	60ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_search_submit.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 58556977e7860db2b6db32a94b0f4549ef12839318d98455cc553b5e4bd32c65 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-577" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1399
GET H/1.1	200 OK	zdrave_header_logo.jpg www.zdrave.bg/images/	7 KB 8 KB	60ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_logo.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 43135cf7c31641d06df7ff2d9a82cd764c227fc5fcd7ecfae563acb03dd7228c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-1dca" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 7626
GET H/1.1	200 OK	zdr_left_menu_header.gif www.zdrave.bg/images/	1 KB 1 KB	59ms 54ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_menu_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 2def643052cff38eef41134268f401bcfcc4eeabfc3080fe3a3f0f7026b84a5c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-4ce" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1230
GET H/1.1	200 OK	zdr_left_deseases_header.gif www.zdrave.bg/images/	1 KB 2 KB	59ms 54ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_deseases_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 1c377127bcfa3c889dd0bf2b470b8e82892429dc22ddc8fd267f071dc74d3e42 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-55f" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1375
GET H/1.1	200 OK	zdr_header_rss.gif www.zdrave.bg/images/	699 B 953 B	111ms 88ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_header_rss.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 473f3e92b1252dba029b6c5d036d7dbfd02b1c7d8e3fda3350c22045f21ed733 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-2bb" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 699
GET H/1.1	200 OK	5782.jpg www.zdrave.bg/images/250/	16 KB 16 KB	111ms 88ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5782.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 102423e1eefe81cf7be86b18c52ff4f91e0905b64277582386529dfaaa85e844 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:08:03 GMT Server nginx ETag "51fb76f3-3fb6" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 16310
GET H/1.1	200 OK	5447.jpg www.zdrave.bg/images/250/	14 KB 14 KB	107ms 88ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5447.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 38c41f2a23606c4ac956be11f4ed1cb6fd451007b5afd53000bce1a9999ef273 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:08:17 GMT Server nginx ETag "51fb7701-37d8" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 14296
GET H/1.1	200 OK	5785.jpg www.zdrave.bg/images/250/	21 KB 21 KB	106ms 87ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5785.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9fec94b4ff143599afb447b8fd3a2c2b3ba59caee8670c59042fb7bd3433f58b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:07:50 GMT Server nginx ETag "51fb76e6-530e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 21262
GET H/1.1	200 OK	5783.jpg www.zdrave.bg/images/250/	18 KB 18 KB	53ms 52ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5783.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash bb998a86cbac87a0d49bb25b54abc93972824501d99531b2c69e2de3ecebc13a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:07:59 GMT Server nginx ETag "51fb76ef-48d4" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 18644
GET H/1.1	200 OK	5707.jpg www.zdrave.bg/images/250/	21 KB 21 KB	53ms 52ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/250/5707.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 8d63fba992512d3d08c8a9f7b770fd6203622bdc6284e30af91d516f5a753eb9 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:07:24 GMT Server nginx ETag "51fb76cc-5442" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 21570
GET H/1.1	200 OK	zdr_arrow_left.gif www.zdrave.bg/images/	53 B 277 B	178ms 54ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_arrow_left.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash ab100b2b5cea43ed7e6d90205014fed9b4df8d7aa8c04dba39c61f3667d1adc8 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-35" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 53
GET H/1.1	200 OK	zdr_arrow_right.gif www.zdrave.bg/images/	56 B 280 B	178ms 54ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_arrow_right.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4352dcef55a499ed21de78785c1d6c67db60bd24a37d5df8859d987682cb8fb1 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-38" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 56
GET H/1.1	200 OK	zdr_center_more_header.gif www.zdrave.bg/images/	2 KB 2 KB	175ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_more_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 5e0a6d389252a6a887d3b5e3c860d758d47162b44481550be199436d95079145 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-889" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2185
GET H/1.1	200 OK	6202.jpg www.zdrave.bg/images/80/	4 KB 4 KB	177ms 54ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/6202.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash b5c9b565e21dce9ebed5eab5acfa741ba584d656fefad1e0766cf34ad869b8d8 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Thu, 11 Feb 2021 15:12:50 GMT Server nginx ETag "60254972-108f" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 4239
GET H/1.1	200 OK	2219.jpg www.zdrave.bg/images/80/	4 KB 4 KB	121ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/2219.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e599f75928c9adfc5466b3a9391433e89623967d26665b7c7897ea69f2ebf0d4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:04 GMT Server nginx ETag "51fb77a8-e21" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3617
GET H/1.1	200 OK	zdr_u-know_header.gif www.zdrave.bg/images/	2 KB 2 KB	228ms 87ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_u-know_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e47b9e815087e2fc99bbf6cbf261c70deb464a65398b4f20b20a12594fa1e479 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-78a" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1930
GET H/1.1	200 OK	5283.jpg www.zdrave.bg/images/60/	3 KB 3 KB	53ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/5283.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash c12883dc07f971d67e5b7c0b6bbb496858e0721f94d05706bac6215bf9b6908b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:41 GMT Server nginx ETag "51fb77cd-cc8" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3272
GET H/1.1	200 OK	4665.jpg www.zdrave.bg/images/60/	2 KB 3 KB	53ms 52ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/4665.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 8a33f2d843dec50c117b7023802cfef9631c4e163bacdbd88b7eb6dc8512f6cf Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:40 GMT Server nginx ETag "51fb77cc-93f" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2367
GET H/1.1	200 OK	677.jpg www.zdrave.bg/images/60/	3 KB 3 KB	56ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/677.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash db9d01707fe76a51a28349eca999d875004049d3ba47686e7274fa1c79b0a869 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:20 GMT Server nginx ETag "51fb77b8-cf9" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 3321
GET H/1.1	200 OK	5289.jpg www.zdrave.bg/images/60/	3 KB 3 KB	64ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/5289.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 6d57e824e059301698f353db1cf92025de2a6d1e6f8c5abbffc24fc768e13550 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:41 GMT Server nginx ETag "51fb77cd-a79" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2681
GET H/1.1	200 OK	3700.jpg www.zdrave.bg/images/60/	3 KB 3 KB	91ms 87ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/3700.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash b583d05bbbb011366fea9dda74ebd9cf77ac7b83fc1736e7c8529d151e6277d5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:51 GMT Server nginx ETag "51fb77d7-aa5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2725
GET H/1.1	200 OK	4977.jpg www.zdrave.bg/images/60/	3 KB 3 KB	53ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/60/4977.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash a960c0aa92033ca3ecfdd81cec7a4443d8e73f7081f1d5fb91f165e05e2d58eb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:11:48 GMT Server nginx ETag "51fb77d4-b56" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2902
GET H/1.1	200 OK	5822.jpg www.zdrave.bg/images/80/	3 KB 3 KB	215ms 55ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/80/5822.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash be8a61c5d7715ba61c258ac1b146a8e29da020251bd6dee9cc36424a050e560a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:10:20 GMT Server nginx ETag "51fb777c-c31" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3121
GET H/1.1	200 OK	adi-ec561a14.js Show response tas-bg.toboads.com/js/ Redirect Chain http://relay-bg.ads.httpool.com/ http://tas-bg.toboads.com/js/adi-ec561a14.js	121 KB 121 KB	124ms 77ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adi-ec561a14.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 03232ddd3dcbd5d0f07160384a4c08c4bef0e84a91acec0278193f6591f0f3ce Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Wed, 14 Apr 2021 13:12:12 GMT Server nginx X-Powered-By PHP/7.1.13 ETag W/"ebadc3b25a8662991415a39814ec4260" Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age=21254400 Connection keep-alive Content-Type text/javascript;charset=UTF-8 Expires Thu, 16 Dec 2021 14:12:12 GMT Redirect headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Sat, 04 Sep 2021 04:17:12 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Location http://tas-bg.toboads.com/js/adi-ec561a14.js Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive
GET H/1.1	200 OK	zdr_right_quiz_vote.gif www.zdrave.bg/images/	734 B 988 B	53ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_quiz_vote.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 581b5d3edb9fc27999b016832d576b42d39a6702eacf9e9ec60d8c0a6917e381 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-2de" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 734
GET H/1.1	200 OK	all.js Show response connect.facebook.net/en_US/	3 KB 3 KB	8ms 6ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL http://connect.facebook.net/en_US/all.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7ba115d2067bcdf3c361bb0bf9f6688ce3c71a0e0c66bb881dda8eadbe6604cf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; preload; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Content-MD5 31p6PkmS+hNj25J9tBLXvA== content-security-policy-report-only default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-resource-policy cross-origin Connection close Alt-Svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Content-Length 1685 x-fb-rlafr 0 X-FB-Debug zwVOlb2Ox0BUTUL4SCY8ZJjLQ3rL8+WanYOpGkRXNbuuDik3IP0V56GEzcYLmvsaRR6MaQ2YQt2v9vTxEmgLJw== X-FB-TRIP-ID 917726464 x-fb-content-md5 44aeb60be2c74cf6606ae94514a16018 X-Frame-Options DENY Date Sat, 04 Sep 2021 04:17:12 GMT Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-FB-Content-MD5 Cache-Control public,max-age=1200,stale-while-revalidate=3600 ETag "2c3c1cbed271970dbbfa5b0aa84c932c" timing-allow-origin * Priority u=3,i Expires Sat, 04 Sep 2021 04:18:26 GMT
GET H/1.1	200 OK	bullet_orange_top_menu.gif www.zdrave.bg/images/	1 KB 1 KB	53ms 52ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_orange_top_menu.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 294a8041d261138b6673afb0ce72c680992d5a4091009aa655e6e79297f9d9df Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:44 GMT Server nginx ETag "51fb76a4-44c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1100
GET H/1.1	200 OK	zdrave_header_bottom_full_bg.gif www.zdrave.bg/images/	1 KB 2 KB	79ms 52ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_bottom_full_bg.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 97b37c3497e067d19d97bdf7b62b5749b3e132ca56220e5698d8d66d90757dd5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-536" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1334
GET H/1.1	200 OK	zdrave_header_container_bg.jpg www.zdrave.bg/images/	3 KB 3 KB	79ms 53ms	Image image/jpeg	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_header_container_bg.jpg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 85d4ef637cacccef5919fa290c3c104c8682d939e7f0b1e4d0cfb67f09307778 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-be5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3045
GET H/1.1	200 OK	zdrave_dropdown_menu_bckgr_last.gif www.zdrave.bg/images/	169 B 422 B	134ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_dropdown_menu_bckgr_last.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash ff4c6510b024bdf4d4a38848129fe74137b0d2eb3acaee253854a51e385e2273 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-a9" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 169
GET H/1.1	200 OK	zdrave_dropdown_menu_bckgr_circle.gif www.zdrave.bg/images/	49 B 301 B	79ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_dropdown_menu_bckgr_circle.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e33d9e3eb211444580014e5a7ee28f61f8ad40ada8a191246ee2988cf9567285 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-31" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 49
GET H/1.1	200 OK	zdr_left_menu_plus.gif www.zdrave.bg/images/	4 KB 4 KB	79ms 52ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_left_menu_plus.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 866adec983f3c77bb4f6584cbffc36290ba9e0252b7ea388240e5e58fd8e6876 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-f34" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3892
GET H/1.1	200 OK	zdr_center_top_header.gif www.zdrave.bg/images/	3 KB 3 KB	151ms 52ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_top_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4f3a3090e0884756fa93224898619ab10c0bf0e216421914dc787287a76cedbc Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-a4c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2636
GET H/1.1	200 OK	zdr_bullet_romb.gif www.zdrave.bg/images/	134 B 387 B	120ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_bullet_romb.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 796c84eac5bb533e3ed7bf97fb67fa1d1ab6b6115f81a82c9d1994ea415f7a44 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-86" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 134
GET H/1.1	200 OK	zdr_center_header_faq.gif www.zdrave.bg/images/	3 KB 3 KB	120ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_center_header_faq.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 4d6f39ef46419482e924286a45ce79748ed22edb7de4bafa7575597214ef373b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-c4c" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3148
GET H/1.1	200 OK	zdrave_advice_header.gif www.zdrave.bg/images/	1 KB 1 KB	120ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_advice_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9ba6247d89411f5e450c2348f4605a57f12122b29cf102671929c26c905e66b1 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-43e" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1086
GET H2	200	all.js Show response connect.facebook.net/en_US/	222 KB 66 KB	21ms 6ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=de50500e51809ea0f81a7be704186d01 Requested by Host: connect.facebook.net URL: http://connect.facebook.net/en_US/all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f290093834915de1c1c704351fa428eaab92079c5293322fa1928ff5d80c0c4d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin http://www.zdrave.bg Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 Yc2uy9DpTz8NZp93YO69DA== cross-origin-resource-policy cross-origin expires Sun, 04 Sep 2022 03:39:52 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 66846 x-fb-rlafr 0 x-fb-debug F5VmIWmYpN9N/3Q93v1vSf8Qs5TZngys+mg5dtuPAW20JYCavgtMt9//w9Q+AzBhYSjtPrxGip9c8bYO6sdv0Q== x-fb-trip-id 2050670934 x-fb-content-md5 5621132ac131272582069895a3131deb cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 04 Sep 2021 04:17:12 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "3a1d0d769748c107965cb6fca1c8aefb" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	pubads_impl_2021090101.js Show response securepubads.g.doubleclick.net/gpt/	333 KB 117 KB	37ms 36ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 8d9f1e7a5653eade39c663ba7e740f5f8b51fde9a7fcc7e2d59b0338598e5075 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 01 Sep 2021 08:42:46 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119248 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	108 B 278 B	71ms 71ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdrave.bg Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 23d195e2b1448029a98c3a1bf50be0ab4719e60caeebbb5b1b232983e335869a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H/1.1	200 OK	zdrave_topic_accent_header.gif www.zdrave.bg/images/	2 KB 2 KB	184ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdrave_topic_accent_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 350d86c0140550202426b067ebeb07ccdab9974634cd9679316cd8e72dcbfd7e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-7e7" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2023
GET H/1.1	200 OK	bullet_yellow_green_bg.gif www.zdrave.bg/images/	131 B 384 B	262ms 87ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_yellow_green_bg.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 1de6e720901fe5ca658c1323b895ef2d0a14508e1403cbfc1b18d938c610d452 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-83" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 131
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.zdrave.bg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	79 KB 20 KB	320ms 318ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1810207103986679&correlator=346666654058650&output=ldjh&impl=fifs&eid=31060439%2C31062471%2C21068031%2C31062297&vrg=2021090101&ptt=17&sc=0&sfv=1-0-38&ecs=20210904&iu_parts=26641721%2Czdrave.bg_160x600%2Czdrave.bg_300x250%2Czdrave.bg_branding_megaboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%2C300x600%7C300x250%2C1x1%7C728x90%7C980x200&cookie_enabled=1&bc=23&abxe=1&lmt=1630729032&dt=1630729032231&dlt=1630729031843&idt=361&frm=20&biw=1600&bih=1200&oid=3&adxs=310%2C990%2C562&adys=811%2C283%2C37&adks=210898386%2C3271815912%2C192288229&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww.zdrave.bg%2F&vis=1&scr_x=0&scr_y=0&psz=160x600%7C300x0%7C728x90&msz=160x-1%7C300x0%7C728x0&ga_vid=750673169.1630729032&ga_sid=1630729032&ga_hid=1921641621&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b4b1680d9a5d3b413e4e7efadd161bfb5917cfcf11d6e5ac4c47ce666812ed0b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20558 x-xss-protection 0 google-lineitem-id -1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin http://www.zdrave.bg access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B20	6 KB 3 KB	59ms 14ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Sat, 04 Sep 2021 04:17:12 GMT expires Sun, 04 Sep 2022 04:17:12 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	adl-d9566a3e.js Show response tas-bg.toboads.com/js/	367 B 759 B	66ms 66ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adl-d9566a3e.js?b=1&rq=128956ab-d58d-2e9a-6204-0c0805cfdd63&vt=8a78d53b-572b-4dfc-9799-4cf31f91ccb5&isf=false&zn=533338dda&tm=0&af=300x250&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=0&srf=http%3A%2F%2Fwww.zdrave.bg%2F&loc=eq-srf&rn=a0fa4a88-df98-5d57-b4df-b3ae1c146ba4&ct=be2be0e6-ef03-4a25-4f21-b5a533066462&c=hA_c_0_c4bb2f43&ah=0& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 2b884d8ef3ad0920fa184bea4c4572f438c7cfcb221895a0db6e6ed00a42b3ab Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Sat, 04 Sep 2021 04:17:12 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age: 0 Connection keep-alive Content-Type text/javascript; charset=utf-8 Expires Sat, 04 Sep 2021 03:17:12 GMT
GET H2	200	likebox.php Show response www.facebook.com/plugins/ Frame 06F1 Redirect Chain http://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255	14 KB 6 KB	39ms 39ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 10d441ce0c59041608390c74920230e1cf4fd5c7c20d12485b67bd554555a309 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug GxiYf01uM35ba6Pef7UBMCVIuArJPxzaXAvUrD2RYnoftooFKrV/gzH4x/7e9HNM2tX5/9YtBOkZ1fpw4nCe0g== date Sat, 04 Sep 2021 04:17:12 GMT priority u=3,i alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Redirect headers Location https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Content-Type text/html; charset="utf-8" X-FB-Debug 8ZxLrLhRnKETdwSrrvx/mQIvvfLjJPMz5VDQ2CQULwdfY2zjH0WREVB4bqVigWeD/DPH180BxXiQIJNJOSep+Q== Date Sat, 04 Sep 2021 04:17:12 GMT Priority u=3,i Alt-Svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	ga.js Show response www.google-analytics.com/	45 KB 17 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.google-analytics.com/ga.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Strict-Transport-Security max-age=10886400; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 Aug 2021 00:32:57 GMT Server Golfe2 Age 553 Date Sat, 04 Sep 2021 04:07:59 GMT Vary Accept-Encoding Content-Type text/javascript Cache-Control public, max-age=7200 Cross-Origin-Resource-Policy cross-origin Content-Length 17168 Expires Sat, 04 Sep 2021 06:07:59 GMT
GET H/1.1	200 OK	xgemius.js Show response gabg.hit.gemius.pl/	40 KB 11 KB	120ms 95ms	Script application/x-javascript	78.128.6.42 TELEPOINT
General Check archive.org Show headers Download Go to Full URL http://gabg.hit.gemius.pl/xgemius.js Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-42.telehouse.bg Software GHC / Resource Hash 99a336d42e4e130971fac5e498ac76a43d12fd0acb56a846543dfaa37eccb67c Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Content-Encoding gzip Last-Modified Mon, 23 Aug 2021 12:01:23 GMT Server GHC Vary Accept-Encoding,Origin P3P CP="NOI DSP COR NID PSAo OUR IND" Cache-Control max-age=43200 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Accept-Ranges none Content-Type application/x-javascript Keep-Alive timeout=10 Content-Length 10838 Expires Sat, 04 Sep 2021 16:17:12 GMT
GET H/1.1	200 OK	/ Show response bg.search.etargetnet.com/a/	574 B 1 KB	145ms 74ms	Script application/javascript	195.168.10.173 AS-BENESTRA Brati...
General Check archive.org Show headers Download Go to Full URL http://bg.search.etargetnet.com/a/?ref=69700 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 195.168.10.173 Nitra, Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK), Reverse DNS a45.etarget.sh.cust.gts.sk Software nginx / Resource Hash b1a6d5f4ffb9218e749c18808d39035c35fd82bae68544aa27bf7ac9c1dba6a8 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma cache Date Sat, 04 Sep 2021 04:17:12 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Y-Protected-By Bulbasaur/mblade01-01-a Cache-Control max-age=7200 Transfer-Encoding chunked Connection keep-alive X-Protected-By Bee/0.41 Content-Type application/javascript; charset=windows-1250 Expires Sat, 04 Sep 2021 06:17:12 GMT
GET H/1.1	200 OK	zdr_right_top_header.gif www.zdrave.bg/images/	2 KB 2 KB	53ms 52ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_top_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 9cc2a05d65d6805b9ea06989155a430932bf4d994915a617ecaeab4dd2dc5bdf Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:44 GMT Server nginx ETag "51fb76a4-7de" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2014
GET H/1.1	200 OK	zdr_right_quiz_header.gif www.zdrave.bg/images/	2 KB 2 KB	54ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/zdr_right_quiz_header.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 45f03badef9166a1e3a0a32d90c2142aa3426de23b7729770328ce8d0853f0bc Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:42 GMT Server nginx ETag "51fb76a2-67a" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1658
GET H/1.1	200 OK	bullet_orange.gif www.zdrave.bg/images/	53 B 305 B	54ms 53ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/images/bullet_orange.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/css/zdrave_styles.css Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash 94e3d2444192a16a5440e24074941287108059b70bef2202a2bdcfd882f5a75b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/css/zdrave_styles.css Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4; etargetTimedXbg69700=1 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/css/zdrave_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:43 GMT Server nginx ETag "51fb76a3-35" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 53
GET H/1.1	200 OK	adl-d9566a3e.js Show response tas-bg.toboads.com/js/	235 B 626 B	60ms 59ms	Script text/javascript	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/js/adl-d9566a3e.js?b=2&rq=128956ab-d58d-2e9a-6204-0c0805cfdd63&vt=8a78d53b-572b-4dfc-9799-4cf31f91ccb5&isf=false&zn=e45aec764&tm=0&af=0x0&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=0&srf=http%3A%2F%2Fwww.zdrave.bg%2F&loc=eq-srf&rn=c165733e-f11f-4998-222c-44fb120ea9c7&ct=b1ece73a-4252-3e40-01b4-e8bc21857f0c&c=hA_c_1_1fe3a686&ah=0& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash a60e341c9ef962f76ad081bec90c3cab5f0a69c0cf5a20799967941a179b212a Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Sat, 04 Sep 2021 04:17:12 GMT Server nginx X-Powered-By PHP/7.1.13 Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="httpool" Cache-Control private, max-age: 0 Connection keep-alive Content-Type text/javascript; charset=utf-8 Expires Sat, 04 Sep 2021 03:17:12 GMT
GET H/1.1	200 OK	__utm.gif www.google-analytics.com/r/	35 B 417 B	13ms 13ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=999733082&utmhn=www.zdrave.bg&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5%D1%82%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%2C%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%20%D0%B4%D0%B5%D0%BD%20%7C%20%D0%B7%D0%B4%D1%80%D0%B0%D0%B2%D0%B5.bg&utmhid=1921641621&utmr=-&utmp=%2F&utmht=1630729032501&utmac=UA-324471-1&utmcc=__utma%3D2577403.750673169.1630729032.1630729032.1630729032.1%3B%2B__utmz%3D2577403.1630729032.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1468247229&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT X-Content-Type-Options nosniff Last-Modified Sun, 17 May 1998 03:00:00 GMT Server Golfe2 Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Cross-Origin-Resource-Policy cross-origin Content-Length 35 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	loadingAnimation.gif www.zdrave.bg/	6 KB 6 KB	54ms 54ms	Image image/gif	78.90.206.186 A1
General Check archive.org Show headers Download Go to Show image Full URL http://www.zdrave.bg/loadingAnimation.gif Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 78.90.206.186 , Bulgaria, ASN35141 (A1, BG), Reverse DNS mh-186.msk.bg Software nginx / Resource Hash e69abd7e0cc82f336e61fea889e406ecbbeb7ece1df960231b7a9ba0d1dd1676 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.zdrave.bg Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.zdrave.bg/ Cookie PHPSESSID=b5a6838ceca17469bba24f44edcbb3a4; etargetTimedXbg69700=1; __utmc=2577403; __utmz=2577403.1630729032.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utma=2577403.750673169.1630729032.1630729032.1630729032.1; __utmb=2577403.1.10.1630729032 Connection keep-alive Cache-Control no-cache Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Last-Modified Fri, 02 Aug 2013 09:06:39 GMT Server nginx ETag "51fb769f-16fe" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 5886
GET H2	200	runtime.js Show response gdpr.sportal.bg/	1 KB 1 KB	63ms 62ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/runtime.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 6b15ff8756e97e5bea28b6c68a88e362cc912702ac0e2a74b7f2fe0153fe95de Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-5de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	dependencies.js Show response gdpr.sportal.bg/	345 KB 123 KB	109ms 108ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/dependencies.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash 529e7649235a7ada58f6f8e1ac45cc35a271ad3ca5f4e9499477d0039206b4e4 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-5657d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	app.js Show response gdpr.sportal.bg/	32 KB 9 KB	287ms 286ms	Script application/javascript	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/app.js Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/sportal.gdpr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash fe322532eb93c5b3c159a5f6456b53ebd4e8855e77964cccac8ae089e741f28a Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip last-modified Thu, 22 Aug 2019 12:08:08 GMT server nginx etag W/"5d5e85a8-7e7d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3-29	200	w4_AyR1fhfQ.css www.facebook.com/rsrc.php/v3/yY/l/0,cross/ Frame 06F1	24 KB 5 KB	6ms 6ms	Stylesheet text/css	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3/yY/l/0,cross/w4_AyR1fhfQ.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d5a6b07c4c9cecea13bec850dc9a46eb99e48a1c1c128fbe99bcdd11b81fb18b Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://www.facebook.com Referer https://www.facebook.com/plugins/likebox.php?id=194681971570&width=300&connections=10&stream=false&header=false&height=255 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 03 Sep 2021 17:47:33 GMT content-encoding br x-content-type-options nosniff content-md5 ALZnTWXizpBTXU45NNhqoQ== content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-resource-policy cross-origin content-length 5499 x-fb-rlafr 0 x-fb-debug 6ixc0o4kKuZsdVkntQSIU0+HSGqCp8SlRUXJ/Jkz31k2hsj/CfJeVa59VaPoFB4MqAnp8ZTJZQbdOWHmstiHNw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sat, 03 Sep 2022 17:47:33 GMT
GET H3-29	200	container.html Show response bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBB5	6 KB 3 KB	21ms 8ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Sat, 04 Sep 2021 04:17:12 GMT expires Sun, 04 Sep 2022 04:17:12 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE99	6 KB 3 KB	16ms 7ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Sat, 04 Sep 2021 04:17:12 GMT expires Sun, 04 Sep 2022 04:17:12 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630496339498273" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27562 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012108170213000/ Frame 15C0	188 KB 54 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 198127 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55333 x-xss-protection 0 server sffe date Wed, 01 Sep 2021 21:15:05 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "55ff93a1040e5c38" accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 21:15:05 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012108170213000/v0/ Frame 15C0	13 KB 5 KB	10ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 199036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4999 x-xss-protection 0 server sffe date Wed, 01 Sep 2021 20:59:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "6b551ff8c0a78d7e" accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 20:59:56 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012108170213000/v0/ Frame 15C0	89 KB 28 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 199036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28538 x-xss-protection 0 server sffe date Wed, 01 Sep 2021 20:59:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "523ca413d5eb4bb0" accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 20:59:56 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012108170213000/v0/ Frame 15C0	4 KB 2 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 199036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1653 x-xss-protection 0 server sffe date Wed, 01 Sep 2021 20:59:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a4d9605fb26cf0ce" accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 20:59:56 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012108170213000/v0/ Frame 15C0	40 KB 13 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 199036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12821 x-xss-protection 0 server sffe date Wed, 01 Sep 2021 20:59:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "bd81b3ba02634f28" accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 20:59:56 GMT
GET DATA	200 OK	truncated / Frame 15C0	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c5d20319eabb4faa44665bce92252b337d7cee7414e2d4890869ef5a2f5fcb0a Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	12324022130576419579 tpc.googlesyndication.com/simgad/ Frame 15C0	82 KB 82 KB	9ms 7ms	Image image/gif	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12324022130576419579 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04285e037c5d720e097f5d89f8fb145aaef877e15e7f2ee957a6dc2d65311409 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 04:51:56 GMT x-content-type-options nosniff age 257116 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 84086 x-xss-protection 0 last-modified Tue, 10 Aug 2021 15:32:53 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 04:51:56 GMT
GET H2	200	bg.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15C0	3 KB 3 KB	8ms 6ms	Image image/png	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/bg.png Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Fri, 03 Sep 2021 18:03:06 GMT x-content-type-options nosniff server cafe age 36846 etag 9696399085754783419 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2658 x-xss-protection 0 expires Sat, 04 Sep 2021 18:03:06 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15C0	295 B 568 B	7ms 6ms	Image image/png	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Fri, 03 Sep 2021 14:25:46 GMT x-content-type-options nosniff server cafe age 49886 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 04 Sep 2021 14:25:46 GMT
GET H/1.1	204 No Content	l www.google.com/ads/measurement/ Frame 15C0	0 0	14ms 13ms	Image text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google.com/ads/measurement/l?ebcid=ALh7CaRKGwIitKahN6XLrnpmE25LbzZw4DbtWHcgYWnJDQBfVK59rUoThwGCwL5YdZN79SsJfzG3NKVHwk7B8NnsBxHiFguOEQ Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	adview securepubads.g.doubleclick.net/pagead/ Frame 15C0	0 0	40ms 39ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CvKr7SPMyYcHCEaWk3gOGgqmoAv3tyPJktNmh0d0O3-SivcABEAEgyaGNH2D7gYCAiAqgAd2Qq4gDyAEDqQK3zvaIH-6zPuACAKgDAcgDCKoE2AFP0DmgBRWk1OfOwB4JZ65Db6MoIBZSszZz0VsdXTvyHwaCbje1rC7CYn1B1IgyrKtRNxwHK6I1RcpiRoapef7VfXj183FSLxYfiasVtAAjsO3nV-VedwKEYbC0CfvPblkm62_TyRB88pv5rokekbcDA7cW_d8ZnNM7CCKR4bAgXq0St0nlWcE1IuWYEHSypuk6zDP3thogF7LhARXRJF9ip5uBdPwJTTMYDScU5dUJASoNGCJEFaGkF8QQjRJtqO4bWF8EdBTRzBMBqobLuO4tRoXUxvl_fXnABJL_wrjfA-AEAZIFBAgEGAGSBQQIBRgEoAYDgAeL79R3qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHAxDwLtIICQiI4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi03MDMxODMxNTU3ODMwMzM1GLGTGQ&sigh=GoXq__rMXX0 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H/1.1	200 OK	alt.php Show response tas-bg.toboads.com/ Frame F623	5 KB 2 KB	52ms 51ms	Document text/html	91.209.18.100 HTTPOOL-NET-AS
General Check archive.org Show headers Download Go to Full URL http://tas-bg.toboads.com/alt.php?rq=128956ab-d58d-2e9a-6204-0c0805cfdd63&vt=8a78d53b-572b-4dfc-9799-4cf31f91ccb5&brand=generic&af=300x250&clr_border=FFFFFF&clr_bg=FFFFFF&clr_title=4170a0&clr_link=fac588&clr_text=000000&nw=0&zn=533338dda& Requested by Host: URL: webpack:///../javascript/src/WindowManager.js? Protocol HTTP/1.1 Server 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI), Reverse DNS tas.toboads.com Software nginx / PHP/7.1.13 Resource Hash 6b1ef4fccff6168cf7ef61c86050808e9f1a905b89cbecec7428337e380c882f Request headers Host tas-bg.toboads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.zdrave.bg/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers Server nginx Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.1.13 Cache-control private, max-age: 0 Date Sat, 04 Sep 2021 04:17:12 GMT Content-Encoding gzip
GET H2	200	fpdata.js Show response gabg.hit.gemius.pl/_sslredir/ Redirect Chain http://gabg.hit.gemius.pl/fpdata.js?href=www.zdrave.bg https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg	278 B 509 B	382ms 83ms	Script application/x-javascript	78.128.6.42 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-42.telehouse.bg Software GHC / Resource Hash bf17a2bebb143cdcd54ef8d7bcdf36ec0d25dcb5b9d5f4721e3243827a4b287b Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT server GHC etag PRIVATE7520710249 p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control private, max-age=2592000 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 278 expires Mon, 04 Oct 2021 04:17:13 GMT Redirect headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT Server GHC P3P CP="NOI DSP COR NID PSAo OUR IND" Location https://gabg.hit.gemius.pl/_sslredir/fpdata.js?href=www.zdrave.bg Cache-Control no-store, no-cache, must-revalidate, max-age=0 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Accept-Ranges none Keep-Alive timeout=10 Content-Length 0 Expires Fri, 03 Sep 2021 04:17:12 GMT
GET H2	204	ea24b8a97ba6cbd8 pixel.sitescout.com/iap/ Redirect Chain http://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8	0 191 B	314ms 29ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:12 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/iap/ea24b8a97ba6cbd8 cache-control no-cache content-length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain http://ib.adnxs.com/seg?add=9942225 https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9942225 https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225	43 B 1021 B	77ms 48ms	Image image/gif	37.252.172.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid a7f756a7-4ba6-4e6f-aefd-a366974ab409 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 2d0cb9e7-6816-489d-a5b4-336fc64b2d2c Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9942225 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	1dedaf03ba2c1838 pixel.sitescout.com/iap/ Redirect Chain http://pixel.sitescout.com/iap/1dedaf03ba2c1838 https://pixel.sitescout.com/iap/1dedaf03ba2c1838	0 191 B	314ms 29ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/1dedaf03ba2c1838 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:12 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/iap/1dedaf03ba2c1838 cache-control no-cache content-length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain http://ib.adnxs.com/seg?add=9922745 https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D9922745 https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745	43 B 1020 B	66ms 28ms	Image image/gif	37.252.172.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 22253359-208c-492d-a6bc-486938737420 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:12 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 5a12f2c2-71b1-49e8-8643-b05e8f89a503 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D9922745 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	adview securepubads.g.doubleclick.net/pagead/ Frame FE99	0 0	43ms 41ms	Fetch text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C0fWRSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNABT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7XElghIwtvDQYTJ_VFLvake4juAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTcwMzE4MzE1NTc4MzAzMzUYsZMZ&sigh=J3_NGJoX5rk&tpd=AGWhJmsUv2DrKPqYsGwCzviFsvhEp_b6VYMNmvE-kxYK8jMOZyXjCufHO2MJ4T9jlC7g8yEqsgjZ62Pr7ACbY4yRW5VA3tR0zZsr6TA1UE4pP0gYuhVUDri0jwzxreJGA98YLdxaXqIDlx8kqS_7urKxhO20F-B--LssDeO3c8L-hwQlm5Of_UyJzpzAIbGxXawuYcUMh1F-mdxqoEhey9MD_QF5o8jJI3CrM9QLg2mZiOdYAOxDrAYNSWFjhiEbRsU3Cfs2JdT1-81PeSJL9isTRZxZWOmuaO93HUVplsUZA-Zl91w4loxV2LV8GbKNrnENGZ3Q4RPutAu7VlJxVGp9xSRtTlB9qeH4ip4F087sfYkqP0ABVsewAQGBW3Lxq_54apn7YtHvUqClbnyeOoV8YuZ62A7M1RCVI54qVpIaBHL7w5GQeVuPMmEf1FwHl4ZOxvaIGqIYSQ0h5pVhoTdJ-T80MZdoOm43C3yS43PScg9JkVAT2fxehQXiTdHqHpKoASv6vfEGnMqohmEtc9K4NUn5Lyx2C8us7tqXvCtH_38nYGK4x2BHUr3ehBP5mIkyWIgi8U4rjgwYqMzVZA53j3AuV2UVYZEQSrD0_whodyc2sKts93ZN5KiWG8fIo_dVoEKBqFrrcHXD58PDS0LWJ8737N4Np5hl6SjyVs0SJz20n-jCNVJa4f66iA5Ux_wNUca0AVnGcuJrZ_I9BZFWRglEYGbFNdWBqtxLyzS-osd0-SnTb2B4i0M_wvN62AfFbUhpNAs5lfR8lZA3jog4dArSfMVrmOyXzRarWKnwyd4E-PJPGDV7JGtxC92o9cY1EgZp9NBbCSbrfA5h9bdS0fh_AdPf1Oy3IDypRGeT3rdmodPR0DoQ5eP5lV4ZF9O3zjgURx6lkyO24P4561QgrRzj7tWIEU9-W4IT1aq7FxJfXkLc2j7ZDN2dQ_vnZbUWEa026mB0XLY3jwxrOOILXRMcT_p936vDKyRpXwOPU4nbkZA0JxeBKzihNqMqhoqfngMYks8_YEd5OXa5tD4P2KRKumvMppc7gv7qoreGCYtY3OWA2PQM-bykC2jB5U4jaBZ9i1DbbrZbQrQ Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame FE99	2 KB 2 KB	96ms 28ms	Script application/x-javascript	185.29.132.242 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdabU5EazVPREV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MzUyOTQ5Njg2MzQ0MjAyMzMvNjY4NjQwMi80NjM3MjA5LzQvRmpuVU9FWUJBc3pzbUt5VzkzNGRRcU8yWDdPWFV4d1BYQm5vTnpVTTJONC8xLzQvMC8wLzg5OTA3Mi8xMzgyNDIwOTkyLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzM1Mjk0OTY4NjM0NDIwMjMzL3pyaC8wLzczOC8yNi85OTkvMjU4LzgyLjEwMi4xOC4wLzAuMDAwLzE2MzA3MjkwMzIvMTYzMDc0MTYzMi80L3B1Yi03MDMxODMxNTU3ODMwMzM1Lw/BjP1ESMQNEo9LqYs5XwDtGnAfy8&nodeid=2801&group=eu&auctionid=2735294968634420233&shardkey=2735294968634420233&sid=4637209&cid=6686402&bp=a_adafih&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%26client%3Dca-pub-7031831557830335%26adurl%3D Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.204.0 / Resource Hash 3af7ec01ff2183322e003ec00b67fb0d7e67a5c4d97b9622eae074be13fe758b Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Content-Encoding gzip x-mm-bid-request-time 1630729032 Last-Modified Sat, 04 Sep 2021 04:17:12 GMT Server MMBD/3.204.0 x-mm-latency 1 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg Count Cache-Control no-cache x-mm-host zrh-router-x43, zrh-bidder-x156 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Sat, 04 Sep 2021 04:17:11 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame FE99	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 01:21:16 GMT content-encoding gzip x-content-type-options nosniff age 10556 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Sep 2021 01:21:16 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FE99	122 KB 37 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630496346997469" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame FE99	14 KB 6 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 03:37:04 GMT content-encoding gzip x-content-type-options nosniff age 2408 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Sep 2021 03:37:04 GMT
GET H3-29	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FE99	22 KB 7 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 08:11:00 GMT content-encoding gzip x-content-type-options nosniff age 158772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 02 Sep 2022 08:11:00 GMT
GET H3-29	200	adview securepubads.g.doubleclick.net/pagead/ Frame BBB5	0 0	41ms 40ms	Fetch text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck8zgSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTWAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mo1aYVzasnE2p-_1LETLvN_47rgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MDMxODMxNTU3ODMwMzM1GLGTGQ&sigh=1edtbUZTG78 Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H2	200	notify rtb.fr.eu.criteo.com/google/auction/ Frame BBB5	0 0	68ms 22ms	Fetch	2a02:2638::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=ULLiD5s1oAHYBJ2DYgICAAAALDtmbSIJZ40QR_MyYbiprNYnpTfDn7LjABI&wp=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:11 GMT server Kestrel content-length 0 server-processing-duration-in-ticks 270680
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame F1FE	166 KB 50 KB	159ms 111ms	Document text/html	2a02:2638::18 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 77da69769f878babe4dfdd4c68496d1dbd26a2cd6fa52f10d808d90fe5188097 Request headers :method GET :authority ads.eu.criteo.com :scheme https :path /delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-type text/html server Kestrel cache-control private, max-age=0, no-cache pragma no-cache expires Mon, 26 Jul 1997 05:00:00 GMT access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cross-origin-resource-policy cross-origin p3p CP='CUR ADM OUR NOR STA NID' report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NV9OtT7mXyoCQeOJPkX-yWLwp2VY426V-9RsxAwAwKOqdnZ8o_u_oW5bmBxCB7sMcugIUm7y82vZ7eygBa7TveAYClvEnV03cozouCJmdy2sAo4wU0YLfDKYKXvUDKL6UEzXmuVOQyy7_ZFlQzm8qY7P87LdVDsxaIT0S1zncFxsxm8Hd9G2d9qHZawcCxDOyTXiKXGn7uLQnJSvSYTsdruyEywx0ic0DLqa0K5o5_uaIx0FYvufbQhfzwk"}], "max_age": 86400} link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin server-processing-duration-in-ticks 88870609 content-encoding gzip vary Accept-Encoding
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame BBB5	2 KB 1 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 01:21:16 GMT content-encoding gzip x-content-type-options nosniff age 10556 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Sep 2021 01:21:16 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BBB5	122 KB 37 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630496346997469" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:12 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame BBB5	14 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 03:37:04 GMT content-encoding gzip x-content-type-options nosniff age 2408 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 18 Sep 2021 03:37:04 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame BBB5	0 0	15ms 13ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQxZkuMYVuyNNFYgpanZp-YuaDZFrDoxCGAMfjfm14FUOwWJfJQOVG7WSKb4q3mXPACFdxtUU99xb8wz5XingtZhITTg Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BBB5	22 KB 7 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 08:11:00 GMT content-encoding gzip x-content-type-options nosniff age 158772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 02 Sep 2022 08:11:00 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 15C0 Redirect Chain http://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	14ms 14ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers Date Sat, 04 Sep 2021 04:17:12 GMT X-Content-Type-Options nosniff Server safe Content-Type text/html; charset=UTF-8 Location https://googleads.g.doubleclick.net/pagead/drt/si Cache-Control private Content-Length 246 X-XSS-Protection 0
GET H3-29	200	12324022130576419579 tpc.googlesyndication.com/simgad/ Frame 15C0	82 KB 82 KB	8ms 7ms	Image image/gif	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12324022130576419579 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04285e037c5d720e097f5d89f8fb145aaef877e15e7f2ee957a6dc2d65311409 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 04:51:56 GMT x-content-type-options nosniff age 257116 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 84086 x-xss-protection 0 last-modified Tue, 10 Aug 2021 15:32:53 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 01 Sep 2022 04:51:56 GMT
GET H3-29	200	bg.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15C0	3 KB 3 KB	8ms 7ms	Image image/png	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/bg.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Fri, 03 Sep 2021 18:03:06 GMT x-content-type-options nosniff server cafe age 36846 etag 9696399085754783419 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2658 x-xss-protection 0 expires Sat, 04 Sep 2021 18:03:06 GMT
GET H3-29	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 15C0	295 B 319 B	6ms 6ms	Image image/png	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Fri, 03 Sep 2021 14:25:46 GMT x-content-type-options nosniff server cafe age 49886 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 04 Sep 2021 14:25:46 GMT
GET H/1.1	200 OK	fhkhqaajy36n Show response hal9000.redintelligence.net/zone/ Frame FE99	11 KB 4 KB	238ms 42ms	Script text/html	159.69.70.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/fhkhqaajy36n?subid=&rnd=2735294968634420233&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.70.69.159.clients.your-server.de Software Apache / Resource Hash 82c7c94866cb9e5f64fc5a76f0a9cfa24c628e718b579197d1896f23470c9a64 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:13 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3423 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame FE99	49 B 330 B	85ms 29ms	Image image/gif	185.29.132.242 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=2735294968634420233&node_id=2801&exch_id=4 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdabU5EazVPREV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MzUyOTQ5Njg2MzQ0MjAyMzMvNjY4NjQwMi80NjM3MjA5LzQvRmpuVU9FWUJBc3pzbUt5VzkzNGRRcU8yWDdPWFV4d1BYQm5vTnpVTTJONC8xLzQvMC8wLzg5OTA3Mi8xMzgyNDIwOTkyLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzM1Mjk0OTY4NjM0NDIwMjMzL3pyaC8wLzczOC8yNi85OTkvMjU4LzgyLjEwMi4xOC4wLzAuMDAwLzE2MzA3MjkwMzIvMTYzMDc0MTYzMi80L3B1Yi03MDMxODMxNTU3ODMwMzM1Lw/BjP1ESMQNEo9LqYs5XwDtGnAfy8&nodeid=2801&group=eu&auctionid=2735294968634420233&shardkey=2735294968634420233&sid=4637209&cid=6686402&bp=a_adafih&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.204.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Server MMBD/3.204.0 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x66, zrh-bidder-x156 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sat, 04 Sep 2021 04:17:11 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame FE99	43 B 360 B	240ms 44ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2735294968634420233&v3=614680&v4=4637209&v5=6686402&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdabU5EazVPREV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MzUyOTQ5Njg2MzQ0MjAyMzMvNjY4NjQwMi80NjM3MjA5LzQvRmpuVU9FWUJBc3pzbUt5VzkzNGRRcU8yWDdPWFV4d1BYQm5vTnpVTTJONC8xLzQvMC8wLzg5OTA3Mi8xMzgyNDIwOTkyLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzM1Mjk0OTY4NjM0NDIwMjMzL3pyaC8wLzczOC8yNi85OTkvMjU4LzgyLjEwMi4xOC4wLzAuMDAwLzE2MzA3MjkwMzIvMTYzMDc0MTYzMi80L3B1Yi03MDMxODMxNTU3ODMwMzM1Lw/BjP1ESMQNEo9LqYs5XwDtGnAfy8&nodeid=2801&group=eu&auctionid=2735294968634420233&shardkey=2735294968634420233&sid=4637209&cid=6686402&bp=a_adafih&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 3905 f19d76c master cdg-pixel-x27 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:13 GMT Server MT3 3905 f19d76c master cdg-pixel-x27 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 04 Sep 2021 04:17:11 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame FE99	49 B 330 B	85ms 29ms	Image image/gif	185.29.132.242 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2735294968634420233&st=4637209&time=1630729032&nodeid=2801 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVdabU5EazVPREV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3MzUyOTQ5Njg2MzQ0MjAyMzMvNjY4NjQwMi80NjM3MjA5LzQvRmpuVU9FWUJBc3pzbUt5VzkzNGRRcU8yWDdPWFV4d1BYQm5vTnpVTTJONC8xLzQvMC8wLzg5OTA3Mi8xMzgyNDIwOTkyLzIxNjUzNi82MTQ2ODAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yNzM1Mjk0OTY4NjM0NDIwMjMzL3pyaC8wLzczOC8yNi85OTkvMjU4LzgyLjEwMi4xOC4wLzAuMDAwLzE2MzA3MjkwMzIvMTYzMDc0MTYzMi80L3B1Yi03MDMxODMxNTU3ODMwMzM1Lw/BjP1ESMQNEo9LqYs5XwDtGnAfy8&nodeid=2801&group=eu&auctionid=2735294968634420233&shardkey=2735294968634420233&sid=4637209&cid=6686402&bp=a_adafih&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.204.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:12 GMT Server MMBD/3.204.0 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x66, zrh-bidder-x156 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sat, 04 Sep 2021 04:17:11 GMT
GET DATA	200 OK	truncated / Frame BBB5	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d3eed8582f0977aa03165ce5f531c91617e11b67efc953bd8cbac8e3810dd4c8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET		purposes-bg.json vendorlist.consensu.org/	0 0
GET		vendorlist.json vendorlist.consensu.org/	0 0
GET H2	200	custom_purposes.json Show response gdpr.sportal.bg/	2 KB 1 KB	221ms 55ms	XHR application/json	85.14.4.130 EVOLINK-AS
General Check archive.org Show headers Download Go to Full URL https://gdpr.sportal.bg/custom_purposes.json Requested by Host: gdpr.sportal.bg URL: https://gdpr.sportal.bg/dependencies.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.14.4.130 , Bulgaria, ASN8262 (EVOLINK-AS, BG), Reverse DNS sportal.bg Software nginx / Resource Hash e9b220c805348a7838456a6b487e3b23fa3534437804888f46f504c221c2d006 Request headers Accept application/json, text/plain, */* Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Wed, 05 Jun 2019 12:52:50 GMT server nginx etag W/"5cf7bb22-9f3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame F1FE	2 KB 1 KB	79ms 21ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 04:17:13 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame F1FE	2 KB 1 KB	79ms 22ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 04:17:13 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame F1FE	308 B 608 B	74ms 22ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Tue, 30 Aug 2022 04:17:13 GMT
GET H2	200	back_button.svg static.criteo.net/flash/icon/ Frame F1FE	507 B 807 B	74ms 22ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT last-modified Thu, 01 Apr 2021 14:03:13 GMT server nginx cross-origin-embedder-policy require-corp etag "6065d2a1-1fb" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 507 expires Tue, 30 Aug 2022 04:17:13 GMT
GET H/1.1	200 OK	/ vertbaudet.commander1.com/v3/ Frame F1FE Redirect Chain https://vertbaudet.commander1.com/v3/?tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo https://vertbaudet.commander1.com/v3/?firsttime=1&tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo	43 B 1 KB	42ms 39ms	Image image/gif	13.37.92.203 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://vertbaudet.commander1.com/v3/?firsttime=1&tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.37.92.203 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-37-92-203.eu-west-3.compute.amazonaws.com Software web / Resource Hash 546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma private Date Sat, 04 Sep 2021 04:17:13 GMT Content-Encoding gzip Server web Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Access-Control-Allow-Origin * Cache-Control private, max-age=486000, pre-check=486000 Transfer-Encoding chunked Connection keep-alive Content-Type image/gif Expires Fri, 03 Dec 21 06:17:13 +0100 Redirect headers Pragma private Date Sat, 04 Sep 2021 04:17:13 GMT Server web location https://vertbaudet.commander1.com/v3/?firsttime=1&tcs=1055&cmp=Criteo-Contextual&chn=display-NC&ctry=fr&div=web&med=display&src=Criteo Transfer-Encoding chunked P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Access-Control-Allow-Origin * Cache-Control private, max-age=486000, pre-check=486000 Connection keep-alive Content-Type text/html Expires Fri, 03 Dec 21 06:17:13 +0100
GET H2	200	lg.php cat.fr.eu.criteo.com/delivery/ Frame F1FE	43 B 322 B	161ms 22ms	Image image/gif	178.250.0.160 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GmV4a5vhuSQ9PQgmvLlxcnl-UpOK9VaZ_zduwwL--PBcdMHmPOT-wHBDUkp8bVZhaCtice4W-Eqv6QW93CVQV6Z2gaGWDpswD9ZkNiGxDfJztb2p3G_2zoDLkijUOprHqG8XNS5hmrz0shpTEy4TW8JwDDc-bg8NwQQanGw7yrDsQfB6z0n1AwUMV2rwQDDkeUW8LRhK7qq7x8jJ-H2s4g6vTOHgacdAqUxpBiE82W3KJKmYdhlWmPYwPPJ2vpYZIZLrpXwoMlvZWNwuKsslZHTSBbI4Fo66qrqowLsoo31xfVgfLfgvANPPYQ3cnqMl2Hm6Z4WXXFQJDhFDKvtN5QxiMlQSCBKl3Rm6TF9pTp-ZGMhH6RtmOcbh4qcg4IPXj4bIlUAI6fXYRS-22fXFdnQVLkMVSsgCOIeicZjHd2JEtuBh6tFtvDyQ0iDaHJPWiczgfg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:12 GMT server Microsoft-IIS/10.0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 5822 content-type image/gif content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F1FE	12 KB 5 KB	13ms 12ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 190722 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 4420 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I69rT5k8XhJtINIAFGJ0m19FsJuw%2BPDNX0sBh4xKy%2BaAIuB%2B8semPQrSR1lm17BCCiKpsSnjZthiyEjFFSwHSXzrZRXV71qajnyW2lj%2BA56ZqilxL9cwmpbRf3Xerpozi3n9kJxJEhDPtRk%2BL2voTYO9"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 68946828a82c2c3e-FRA expires Thu, 25 Aug 2022 04:17:13 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame F1FE	12 KB 6 KB	48ms 24ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	13 KB 13 KB	64ms 23ms	Image image/png	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=108&m=0&partner=895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F895%2F151113%2Fafb16fda700443ae8c4ae4c4b4bdada4_logo_vertbaudet.png&v=3&w=316&s=JahMxPpC9AaE-TyXYDgQ5Q_y Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 37cf7804c893b2ee436741b815ebaccbc38d4f05f68cf3bf9907b0528073f9ab Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/png cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 13268 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	7 KB 7 KB	92ms 51ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F148264%2Fduffle-coat-a-capuche-fille-double-boutonnage-en-drap-de-laine.jpg%3Fwidth%3D285&v=3&w=400&s=42woee3QNcYdTNqBguawNrAg&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 3c1fccdc482ab6470bb7a29a220324edcbce7982e15730f970108fa85a810b59 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 7140 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	4 KB 4 KB	88ms 47ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F187357%2Fmanteau-a-capuche-en-drap-de-laine-fille-garnissage-en-polyester-recycle.jpg%3Fwidth%3D285&v=3&w=400&s=51JyOaiTbh9mjr6trL3sKdiv&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash ff38351ae3302a263cdcd37880c96d66079f6af2b160851a091fa01b2ae79de8 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 4104 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	5 KB 5 KB	89ms 48ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F194052%2Fensemble-sport-en-molleton-garcon-sweat-a-capuche-pantalon-jogging.jpg%3Fwidth%3D285&v=3&w=400&s=-boW9e-e7OTlibx-aJ3InNA1&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 4722974e56ae8bfc4d087ea03ac6bdb91c74bb947bc64c73f6492b5fac2a6d68 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 4896 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	15 KB 15 KB	80ms 40ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F115649%2Fparure-housse-de-couette-taie-doreiller-rock-star-oeko-tex.jpg%3Fwidth%3D285&v=3&w=400&s=aM7nrsUXkaebfGbUEG8M_gws&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 24c77bdc06a11015226372e8e4145bf360000f7fa13af554b6d90dfdfc46b7cf Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 15208 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	5 KB 5 KB	98ms 58ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F189178%2Frobe-a-capuche-en-molleton-fille-details-fantaisie.jpg%3Fwidth%3D285&v=3&w=400&s=yx2kfB-hPsLjqdXYIyHu5TJk&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash e62167b72d1b22e14b029d97eba047894915f58cdc06fc5ce4f6181b9c4227a7 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 4698 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	5 KB 5 KB	45ms 44ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F84490%2Fbaskets-scratchees-bebe-garcon-esprit-running.jpg%3Fwidth%3D285&v=3&w=400&s=ARmU93kV2E385KGJGGcyUMZE&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 420b2d691df6ad9bdbf214835aff1c5fe642f0e1131ccbc0a6984e933a46c167 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:12 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 5312 expires Sun, 04 Sep 2022 04:17:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame F1FE	4 KB 4 KB	47ms 46ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=895&q=80&r=0&u=https%3A%2F%2Fmedia.vertbaudet.fr%2FPictures%2Fvertbaudet%2F169858%2Fchaussons-elastiques-garcon-en-cuir-imprime.jpg%3Fwidth%3D285&v=3&w=400&s=xG1uWyo5l6UMLQQF5KEG4n89&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash e50e912f86e0ebe6dedb2ad1d341c44d26114ab43ddd15e3451d8fb0169718f4 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=31104000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3708 expires Sun, 04 Sep 2022 04:17:13 GMT
POST H2	200	all csm.eu.criteo.net/ Frame F1FE	0 99 B	64ms 19ms	Ping text/plain	178.250.0.162 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=HzPgez7mXyoCQeOJPkX-yWLwp2VY426V-9RsxAwAwKOqdnZ8o_u_oW5bmBxCB7sMcugIUm7y82vZ7eygBa7TveAYClvEnV03cozouCJmdy2sAo4wU0YLfDKYKXvUDKL6UEzXmuVOQyy7_ZFlQzm8qY7P87LdVDsxaIT0S1zncFxsxm8Hd9G2d9qHZawcCxDOyTXiKTpSAajn07q7ulBP4Usp6sm38v4oe1eyLERZdaYelUX3ei93gUqZKoA&sds=2&rev=78706&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 04 Sep 2021 04:17:12 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame F1FE	2 KB 1 KB	24ms 23ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 04:17:13 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame F1FE	2 KB 1 KB	24ms 24ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 30 Aug 2022 04:17:13 GMT
GET H/1.1	200 OK	request.php Show response hal900026.redintelligence.net/ Frame FE99 Redirect Chain https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	613 B 934 B	178ms 98ms	Script application/x-javascript	138.201.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.zdrave.bg%2F&ancestorOrigins=http%3A%2F%2Fwww.zdrave.bg&random=2256187986754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com URL: https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.201.138.clients.your-server.de Software Apache / Resource Hash 0b775433d7a0aa4cdb27ecdb4be9a8fd199952394e115ddd61d607d0b2dbdce5 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:13 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 76102800013783900973108011707026 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 328 Expires Sat, 04 Sep 2021 05:17:13 +0200 Redirect headers Pragma no-cache Date Sat, 04 Sep 2021 04:17:13 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.zdrave.bg%2F&ancestorOrigins=http%3A%2F%2Fwww.zdrave.bg&random=2256187986754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Sat, 04 Sep 2021 05:17:13 +0200
GET H2	200	css fonts.googleapis.com/ Frame F1FE	2 KB 543 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 04 Sep 2021 04:10:32 GMT server ESF date Sat, 04 Sep 2021 04:17:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 04 Sep 2021 04:17:13 GMT
GET H2	200	rexdot.js Show response gabg.hit.gemius.pl/__/_sslredir/_1630729033185/ Redirect Chain http://gabg.hit.gemius.pl/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave... https://gabg.hit.gemius.pl/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2... https://gabg.hit.gemius.pl/__/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2...	169 B 430 B	65ms 65ms	Script application/x-javascript	78.128.6.42 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://gabg.hit.gemius.pl/__/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=AoRlFOPjWhX5SBPsFqCoc43AN.BTSu_XiWujrvekNiT.i7&vis=1&fpcap= Requested by Host: www.zdrave.bg URL: http://www.zdrave.bg/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS ip-6-42.telehouse.bg Software GHC / Resource Hash 2d1b779a47d9ed5403ede5899bbf63ed28333ce038f9363e695b003fd20b08ff Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:13 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 169 expires Fri, 03 Sep 2021 04:17:13 GMT Redirect headers pragma no-cache date Sat, 04 Sep 2021 04:17:13 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location /__/_sslredir/_1630729033185/rexdot.js?l=100&id=ous70LtcMDg4hZBoeTML28UFPzHZvwdNi.i4cwExhdr.Y7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fwww.zdrave.bg%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=AoRlFOPjWhX5SBPsFqCoc43AN.BTSu_XiWujrvekNiT.i7&vis=1&fpcap= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Fri, 03 Sep 2021 04:17:13 GMT
GET H2	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v22/ Frame F1FE	30 KB 30 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://ads.eu.criteo.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 03 Sep 2021 00:51:19 GMT x-content-type-options nosniff age 98754 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31120 x-xss-protection 0 last-modified Wed, 15 Jul 2020 20:50:02 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 03 Sep 2022 00:51:19 GMT
GET H/1.1	200 OK	request_content.php Show response hal900026.redintelligence.net/ Frame 7156	7 KB 3 KB	109ms 36ms	Document text/html	138.201.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 Requested by Host: hal900026.redintelligence.net URL: https://hal900026.redintelligence.net/request.php?zone=fhkhqaajy36n&nw=20&renderingType=javascript&namespace=294311e9a6&subid=&uid=bfe374d6726521d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2735294968634420233%26mt_id%3D6686402%26mt_adid%3D216536%26mt_sid%3D4637209%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_cid%3Db4676132-f348-4c01-b0ae-fde767697d55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCrB0mSPMyYcDCEaWk3gOGgqmoAs-HjptcwIbZgsYCwI23ARABIABg-4GAgIgKggEXY2EtcHViLTcwMzE4MzE1NTc4MzAzMzXIAQngAgCoAwGqBNMBT9Ah3Dl-7L89hqy3lV55gpOmP7kGfLQ-seBq4ZWjKtOVjeuUDAG4ywnPVlFOBlvl-_oY8KFQICdii8yrn9vmacm0ZBxuPpSUQh-zC5900phFZk2bf2PRbw1oqQWx_uim7sXU_Ww2FdDLfvy5fkjEBb7vhrvjXp_wHkw8Bff5sHMZuuOu-Id5qzi0OszufFepHC3O4Bf3diT0RnZpg_8KqnBZzcwYttoLUzvZfkdFPwqOJdp2EeTRK3VEmSCa7TMnj4CcJlTX7JY3_4qvxbelmiiE9OAEAYAG2ZW0xqaNwvvgAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1HkyZUFKBzFERqzL7pNxKKDSwGSw%2526client%253Dca-pub-7031831557830335%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.zdrave.bg%2F&ancestorOrigins=http%3A%2F%2Fwww.zdrave.bg&random=2256187986754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.201.138.clients.your-server.de Software Apache / Resource Hash bd29b87b0698135047fff8a09c5c81fc6a6e4d9bf17760d6d6404f4a480278cf Request headers Host hal900026.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=9617908d57697e3d Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ Response headers Date Sat, 04 Sep 2021 04:17:13 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Sat, 04 Sep 2021 05:17:13 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 2277 Connection close Content-Type text/html; charset=utf-8
GET DATA	200 OK	truncated / Frame FE99	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ba33a85aa749a94543c8015abf88ab39346dfd2c257dae91523c97b959e921a Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 7156	89 KB 32 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js Requested by Host: hal900026.redintelligence.net URL: https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hal900026.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 13:01:18 GMT content-encoding gzip x-content-type-options nosniff age 573355 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32245 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 13:01:18 GMT
GET H/1.1	200 OK	S-300x600.gif cdn.contentspread.net/24i/content/soberfb/EN/ Frame 7156	95 KB 96 KB	144ms 48ms	Image image/gif	85.114.131.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x600.gif Requested by Host: hal900026.redintelligence.net URL: https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21037.dus4.fastwebserver.de Software nginx / Resource Hash 15489bb6f46021bebd0fedd4fef40981361ec05da79884da97f998dfe3c4690a Request headers Referer https://hal900026.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:13 GMT Last-Modified Mon, 23 Jul 2018 15:20:13 GMT Server nginx ETag "5b55f22d-17dde" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 97758
GET H/1.1	200 OK	viewability Show response hal900026.redintelligence.net/ Frame 7156	0 150 B	122ms 40ms	Script text/html	138.201.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900026.redintelligence.net/viewability?s=76102800013783900973108011707026&a=5b2cda73&vb=m Requested by Host: hal900026.redintelligence.net URL: https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:13 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 7156	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	19ms 18ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 596e2e96234a1fb7a900a5727c735f8f7e38b7e2846eb8b54b1c0dff9f8cebb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8489 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	73ms 72ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062471 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 04:17:13 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Sat, 04 Sep 2021 04:17:13 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame BBB5	42 B 64 B	22ms 22ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssS0XIsWEZ_G6NjoAQb1ZlwSs4aQab2wr5uV2bzAEgOLtRLEe0jSIIINh0IR46EfECbN4tYSSlkl5nBdOK4Ys3lpFYn94XO&sig=Cg0ArKJSzNo3IWXpcSzvEAE&id=lidar2&mcvt=1000&p=811,310,1411,470&asp=811,310,1411,470&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&app=0&itpl=20&adk=210898386&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1630729032574&rpt=250&isd=0&lsd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview pagead2.googlesyndication.com/pcs/ Frame 15C0	42 B 64 B	25ms 24ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi3Areaa2cfzzr_5slBtYyP9tIj0_dafsIT6kVWIkSy6lX6QWBRsTL5PF6sLs5witbOET7S_LV35xoixKf_GmESIzbJ1wrJD3BcblZaDxWQ2EaYCTHRZBaVdTqLg&sai=AMfl-YTznMqQ43R7ZnFdV1PBpITOEA4Q0K2hsGHzroZe-21djciNuid4arOssHONlHJlDLr40fy4QjYCD6ytwL1_elCTucrYDuEdB12rzqN17cLqZknbWQwmR1fm6KJUwZw&sig=Cg0ArKJSzPOfHrHZewn0EAE&id=ampim&o=562,37&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=146&tls=1146&g=100&h=100&tt=1146&r=v&avms=ampa&adk=192288229 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame B0A7	12 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Fri, 03 Sep 2021 19:11:08 GMT expires Sat, 03 Sep 2022 19:11:08 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 32765 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3876	783 B 536 B	16ms 15ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 75c014dc55253ea7a943bd004e62282746fd933e29becd47f0d0c77eada77e23 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YG/ONRt5VdePw1nXhN2emA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.zdrave.bg/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://www.zdrave.bg/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sat, 04 Sep 2021 04:17:13 GMT date Sat, 04 Sep 2021 04:17:13 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-YG/ONRt5VdePw1nXhN2emA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response pagead2.googlesyndication.com/bg/ Frame B0A7	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 15:26:31 GMT content-encoding br x-content-type-options nosniff age 305442 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13264 x-xss-protection 0 last-modified Mon, 30 Aug 2021 12:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 31 Aug 2022 15:26:31 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/	0 0	21ms 21ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021090101&jk=1810207103986679&bg=!FBelF1PNAAYJpm41CaY7ACkAdvg8WpNdTxQmTVRya3Vt9EflmibGPOQQv9Hlz1SYI65jsh_4FgTNhQIAAABPUgAAAAhoAQcKAOh5lHW6DK-z81lldlXSDgBwtQSD3JLaKLMzmuXWxRwkUGrDxgVL-5pcp14oQ7VtwOzCbe9WgdwpF3zhug9Ll7uQ1mTWPAJxlgWbntP33orv6231Jg6qIopL7Dw_HPhEn9fuTiZRFuyOlBva-_H8zdstFGnyr5sWit_A83ZpYPvkAlgAbDk1u3Qw8IC9WS66-DKxLAgweVNNVkkM6LBC1gYFOAVtAqCv6XOxkC4l_TPwy3DKd65OTiWVT_XdaCPhfWIzZtvtZPM-otBGnv2DQJUcuCudPkJptf11wL1msF-vPJn1whe2Ig-PmQJw6MlrjGTcVdT9HszY3QeIIydv6DbEz4pFL5XTbsbWPkcVHBq0VWZAfQu79KoCS4w3T1hXZ_rK2akDncg6QSBlYoDFg3YLdyrZYmm_3qn0vTmfuO_ZaTzUQTME7G7aFq5RwbKNVLfPYF_x44JLNz3Q4pIyC3jOBUcRCcyoxbAiEKiX24LUO9zLHI1gCqIEgBpzqhViPyO24QnY_kaILa0XUS6_uHZ2tjfCutLhPyXjRMnJxznQVhjgpwTrxm4Wvew7glvwDZbobUoYXdCBlyNC_T4y8LoDScw-bVXjULKBZkwh9xZ_3_Ordjz7XYxIGZ2mUUXHgmsxy9_rclwN9KSI4wzjH4G4RgTNi9TqgQHqIg-qKNnrR4Fryb91XV45g-zkcGj-h_25IzEu8HicKEyKrqqiR6uijk8fNnQU9Uql8iJn6cTO8qjBPgQVJOr1lKxcVmE9L-0GCni4igZBtAnolaE5SMVz5F3gzEZQY2HjmMnp9e9WPT2b-V5opcyso6tomNU6R9fEqloy2-o6z0iMNspifjQHHsHVpOZDj8GCodRVyQLcUyRgIATztgb96jb7lYeGr-0g8memML8iV4w-vwok3T4YVvofbP7KGiAZAk5PJubY1QoYkRmSYYYqq1IGfaK_rLres71E71BW6ysM3CoI0jCr7QEhiPK8KGSsW8u4UM--FQI0ivBaHh9gPWVMVGLRM0b93nFslRErzjI0B7TyDn0VFJskjGajY2Chbt3yBYEu32aJvGq9DkvYb0LFiC85pVTcErfiGRvfaG_03PgJ81woZaW0SXAAbnLXdYyWSmOrj62546dzS6z8O5lN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.zdrave.bg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
POST H2	200	all csm.eu.criteo.net/ Frame F1FE	0 99 B	19ms 19ms	Ping text/plain	178.250.0.162 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=HzPgez7mXyoCQeOJPkX-yWLwp2VY426V-9RsxAwAwKOqdnZ8o_u_oW5bmBxCB7sMcugIUm7y82vZ7eygBa7TveAYClvEnV03cozouCJmdy2sAo4wU0YLfDKYKXvUDKL6UEzXmuVOQyy7_ZFlQzm8qY7P87LdVDsxaIT0S1zncFxsxm8Hd9G2d9qHZawcCxDOyTXiKTpSAajn07q7ulBP4Usp6sm38v4oe1eyLERZdaYelUX3ei93gUqZKoA&sds=2&rev=78706&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 04 Sep 2021 04:17:13 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame FE99	42 B 64 B	15ms 14ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHJzTBmRngkQPWu5k8hiwaRoHH8WjODrz29VJ932TB0UfaooHqMF72aIBv6zB8LILuJ6D9qim-d-f4ZsIyhhK9ge28F5MRzQ&sig=Cg0ArKJSzNsUKtSzBLTkEAE&id=lidar2&mcvt=1000&p=283,990,883,1290&asp=283,990,883,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3271815912&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1630729032578&rpt=966&isd=0&lsd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bb8f1f5ebfaeeba276feb7f8c1cb2658.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Sat, 04 Sep 2021 04:17:14 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900026.redintelligence.net/ Frame 7156	0 150 B	124ms 43ms	Script text/html	138.201.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900026.redintelligence.net/viewability?s=76102800013783900973108011707026&a=5b2cda73&vb=v Requested by Host: hal900026.redintelligence.net URL: https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900026.redintelligence.net/request_content.php?s=76102800013783900973108011707026&a=ce0c4e01 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sat, 04 Sep 2021 04:17:14 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H2	200	all csm.eu.criteo.net/ Frame F1FE	0 99 B	20ms 20ms	Ping text/plain	178.250.0.162 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=HzPgez7mXyoCQeOJPkX-yWLwp2VY426V-9RsxAwAwKOqdnZ8o_u_oW5bmBxCB7sMcugIUm7y82vZ7eygBa7TveAYClvEnV03cozouCJmdy2sAo4wU0YLfDKYKXvUDKL6UEzXmuVOQyy7_ZFlQzm8qY7P87LdVDsxaIT0S1zncFxsxm8Hd9G2d9qHZawcCxDOyTXiKTpSAajn07q7ulBP4Usp6sm38v4oe1eyLERZdaYelUX3ei93gUqZKoA&sds=2&rev=78706&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YTLzSAAEYT8Kd5IlAApBBlYXK_yYxlJ8Lj0ZNw&u=%7CQDwUlkxN9asFPpux2IDyTfCdFq8D59wNqeVPPNP9dKc%3D%7C&c1=wLMhjbQtwRcHpX-UI5w-LBeKB38JpSkd1gvLfLnanndVO3sAKKRlsprVJf9vv-kZaZ27L3yB6rLqa5qAqjqpdnkqF9uz6RLp1XHD3BDlvlxZGjkA7ZzzUOM8ZhbitZAPm-bUdx7a1FQX-jWlOEeBRMvHWeFr-Hdq71s6OsjHGriotAsRkZDia6zO7XIOElCt2nuwt_lcoWQhM9DIlVtlUUffZOARuULxwswtY3G3ux06GpRLGb3q8ts3WJI2-m3nn42ns6F4bMj8RxGx6ZxtyKZxFpV1OCFfJEal1GFhcIZd9NWWd5l2FmiMK6A0KyvWG56jThbuEBZDWwfD4DDsjs_ZXxqAhpDmeDDGePBG3_e0WtcuZGJRqCsoKFMFJnVyqLI5v6aWdNo8-KJXf8XypJkVvGQsxhDGlEuGQil5IZKRTuWEeadIjHV5Uaf_IsjQlr5-D5QszmZ5Rwlc6Gkaawh9k_3GVqqWa5D6X0c1nA8Okrcuur5URSk4VGbOVjzmrz98qEZ9bLc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl11jSPMyYb_CEaWk3gOGgqmoAsme0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzAzMTgzMTU1NzgzMDMzNaAB1bbS6gPIAQmpArfO9ogf7rM-4AIAqAMBqgTZAU_QrPE6-qNSYhdzUBvn7U-Y7KrJv-tSzayEY7JzY8pJzB7qnicpzENYOwHWpbqL4KE6LjQ5XWACNaZexNDSdxsfCAIWKCJRPDKPgAN1gGK1nS-3-MYWnO4Ik07hXD2Uh0Q63hDBl8W0J8Ma4nhTHIXPOfCpmCrvPeRKz3o4kOqroDXo-4ixxcUMwrWwcR4vRCiPubpsMqaupeHMlL3hL7OQzluPbgggvUI3sdEfFSJr2yQv-JfiGyXt5K3Pf7uBgn_A7Mp3a4jh7WpYySAjwBLDE1WH6q7Ha9DgBAGABvTj5frsu8nbugGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04NrZNcOtLvM4rpJI8G4whvQ-NWQ%26client%3Dca-pub-7031831557830335%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 04 Sep 2021 04:17:19 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

vendorlist.consensu.org

URL

https://vendorlist.consensu.org/purposes-bg.json

Domain

vendorlist.consensu.org

URL

https://vendorlist.consensu.org/vendorlist.json